aboutsummaryrefslogtreecommitdiffstats
path: root/config/haproxy-devel
diff options
context:
space:
mode:
Diffstat (limited to 'config/haproxy-devel')
-rw-r--r--config/haproxy-devel/haproxy.inc210
-rw-r--r--config/haproxy-devel/haproxy.widget.php2
-rw-r--r--config/haproxy-devel/haproxy.xml33
-rwxr-xr-xconfig/haproxy-devel/haproxy_global.php88
-rw-r--r--config/haproxy-devel/haproxy_htmllist.inc2
-rw-r--r--config/haproxy-devel/haproxy_listeners.php10
-rw-r--r--config/haproxy-devel/haproxy_listeners_edit.php39
-rw-r--r--config/haproxy-devel/haproxy_pool_edit.php65
-rw-r--r--config/haproxy-devel/haproxy_pools.php2
-rw-r--r--config/haproxy-devel/haproxy_socketinfo.inc2
-rw-r--r--config/haproxy-devel/haproxy_stats.php7
-rw-r--r--config/haproxy-devel/haproxy_utils.inc2
12 files changed, 327 insertions, 135 deletions
diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc
index 273091b3..76b836b6 100644
--- a/config/haproxy-devel/haproxy.inc
+++ b/config/haproxy-devel/haproxy.inc
@@ -158,6 +158,88 @@ $a_sticky_type['stick_rdp_cookie'] = array('name' => 'Stick on RDP-cookie',
'descr' => "Uses a RDP-Cookie send by the mstsc client, note that not all clients send this.",
'cookiedescr' => 'EXAMPLE: msts or mstshash');
+if(!function_exists('group_ports')){
+// function group_ports() is present in pfSense 2.2 in util.inc
+/* create ranges of sequential port numbers (200:215) and remove duplicates */
+function group_ports($ports) {
+ if (!is_array($ports) || empty($ports))
+ return;
+
+ $uniq = array();
+ foreach ($ports as $port) {
+ if (is_portrange($port)) {
+ list($begin, $end) = explode(":", $port);
+ if ($begin > $end) {
+ $aux = $begin;
+ $begin = $end;
+ $end = $aux;
+ }
+ for ($i = $begin; $i <= $end; $i++)
+ if (!in_array($i, $uniq))
+ $uniq[] = $i;
+ } else if (is_port($port)) {
+ if (!in_array($port, $uniq))
+ $uniq[] = $port;
+ }
+ }
+ sort($uniq, SORT_NUMERIC);
+
+ $result = array();
+ foreach ($uniq as $idx => $port) {
+ if ($idx == 0) {
+ $result[] = $port;
+ continue;
+ }
+
+ $last = end($result);
+ if (is_portrange($last))
+ list($begin, $end) = explode(":", $last);
+ else
+ $begin = $end = $last;
+
+ if ($port == ($end+1)) {
+ $end++;
+ $result[count($result)-1] = "{$begin}:{$end}";
+ } else {
+ $result[] = $port;
+ }
+ }
+
+ return $result;
+}
+}
+
+function haproxy_portoralias_to_list($port_or_alias) {
+ // input: a port or aliasname: 80 https MyPortAlias
+ // returns: a array of ports and portranges 80 443 8000:8010
+ global $config;
+ $portresult = array();
+ if (is_alias($port_or_alias)) {
+ if (is_array($config['aliases']['alias'])) {
+ foreach ($config['aliases']['alias'] as $alias) {
+ if ($alias['name'] == $port_or_alias && preg_match("/port/i", $alias['type'])) {
+ $ports = explode(' ',$alias['address']);
+ foreach($ports as $port) {
+ $portresults = haproxy_portoralias_to_list($port);
+ $portresult = array_merge($portresult, $portresults);
+ }
+ return $portresult;
+ }
+ }
+ }
+ } else if (is_portrange($port_or_alias)) {
+ return (array)$port_or_alias;
+ } else if (is_port($port_or_alias)) {
+ if (getservbyname($port_or_alias, "tcp"))
+ return (array)getservbyname($port_or_alias, "tcp");
+ if (getservbyname($port_or_alias, "udp"))
+ return (array)getservbyname($port_or_alias, "udp");
+ return (array)$port_or_alias;
+ }
+ else
+ return null;
+}
+
function haproxy_custom_php_deinstall_command() {
global $static_output;
$static_output .= "HAProxy, running haproxy_custom_php_deinstall_command()\n";
@@ -196,7 +278,7 @@ function haproxy_custom_php_install_command() {
name="haproxy"
rcvar=`set_rcvar`
-command="/usr/local/bin/haproxy"
+command="/usr/pbi/haproxy-devel-`uname -m`/sbin/haproxy"
haproxy_enable=\${haproxy-"YES"}
start_cmd="haproxy_start"
@@ -636,13 +718,11 @@ function write_backend($fd, $name, $pool, $frontend) {
function haproxy_configure() {
global $g;
// reload haproxy
- haproxy_writeconf("{$g['varetc_path']}/haproxy");
return haproxy_check_run(1);
}
function haproxy_check_and_run(&$messages, $reload) {
global $g;
- $configpath = "{$g['varetc_path']}/haproxy";
$testpath = "{$g['varetc_path']}/haproxy_test";
haproxy_writeconf($testpath);
$retval = exec("haproxy -c -V -f $testpath/haproxy.cfg 2>&1", $output, $err);
@@ -660,7 +740,6 @@ function haproxy_check_and_run(&$messages, $reload) {
$ok = strstr($retval, "Configuration file is valid");
if ($ok && $reload) {
global $haproxy_run_message;
- haproxy_writeconf($configpath);
rmdir_recursive($testpath);
$ok = haproxy_check_run(1) == 0;
$messages = $haproxy_run_message;
@@ -734,7 +813,8 @@ function haproxy_writeconf($configpath) {
fwrite ($fd, "\tbind 127.0.0.1:$localstatsport\n");
fwrite ($fd, "\tmode http\n");
fwrite ($fd, "\tstats enable\n");
- fwrite ($fd, "\tstats refresh 10\n");
+ if (is_numeric($a_global['localstats_refreshtime']))
+ fwrite ($fd, "\tstats refresh {$a_global['localstats_refreshtime']}\n");
fwrite ($fd, "\tstats admin if TRUE\n");
fwrite ($fd, "\tstats uri /haproxy_stats.php?haproxystats=1\n");
fwrite ($fd, "\ttimeout client 5000\n");
@@ -841,9 +921,13 @@ function haproxy_writeconf($configpath) {
// Process and add bind directives for ports
$ip = haproxy_interface_ip($bind['extaddr']);
if ($ip){
- foreach($ports as $port) {
- if($port) {
- $listenip .= "\tbind\t\t\t$ip:{$port} {$ssl_info} {$advanced_bind}\n";
+ foreach($ports as $alias_or_port) {
+ if($alias_or_port) {
+ $portsnumeric = group_ports(haproxy_portoralias_to_list($alias_or_port));
+ foreach($portsnumeric as $portnumeric) {
+ $portnumeric = str_replace(":","-",$portnumeric);
+ $listenip .= "\tbind\t\t\t$ip:{$portnumeric} {$ssl_info} {$advanced_bind}\n";
+ }
}
}
}
@@ -899,10 +983,8 @@ function haproxy_writeconf($configpath) {
$default_backend = "";
$i = 0;
foreach ($bind['config'] as $frontend) {
- $a_acl=&$frontend['ha_acls']['item'];
- if(!is_array($a_acl))
- $a_acl=array();
-
+ $a_acl = get_frontend_acls($frontend);
+
$poolname = $frontend['backend_serverpool'] . "_" . strtolower($frontend['type']);
// Create different pools if the svrport is set
@@ -914,31 +996,6 @@ function haproxy_writeconf($configpath) {
$a_pendingpl[$poolname]['name'] = $poolname;
$a_pendingpl[$poolname]['frontend'] = $frontend;
}
-
- if (strtolower($bind['type']) == "http" && $frontend['ssloffload']) {
- $aclname = "SNI_" . $poolname;
- if ($frontend['ssloffloadacl']){
- $cert = lookup_cert($frontend['ssloffloadcert']);
- $cert_cn = cert_get_cn($cert['crt']);
- $descr = haproxy_escape_acl_name($cert['descr']);
- $a_acl[] = array('name' => "{$aclname}_{$descr}",'expression' => 'host_matches', 'value' => $cert_cn);
- unset($cert);
- }
- if ($frontend['ssloffloadacladditional']){
- $certs = $frontend['ha_certificates']['item'];
- if (is_array($certs)){
- if (count($certs) > 0){
- foreach($certs as $certref){
- $cert = lookup_cert($certref['ssl_certificate']);
- $cert_cn = cert_get_cn($cert['crt']);
- $descr = haproxy_escape_acl_name($cert['descr']);
- $a_acl[] = array('name' => "{$aclname}_{$descr}",'expression' => 'host_matches', 'value' => $cert_cn);
- unset($cert);
- }
- }
- }
- }
- }
// Write this out once, and must be before any backend config text
if (($default_backend == "" || $frontend['secondary'] != 'yes') && count($a_acl) == 0 ) {
@@ -948,8 +1005,8 @@ function haproxy_writeconf($configpath) {
// combine acl's with same name to allow for 'combined checks' to check for example hostname and fileextension together..
$a_acl_combine = array();
foreach ($a_acl as $entry) {
- $name = $entry['name'];
- $a_acl_combine[$name][] = $entry;
+ $name = $entry['ref']['name'];
+ $a_acl_combine[$name][] = $entry['ref'];
}
foreach ($a_acl_combine as $a_usebackend) {
@@ -1132,18 +1189,27 @@ function load_ipfw_rules() {
mwexec("/sbin/ipfw -x $ipfw_zone_haproxy -q {$g['tmp_path']}/ipfw_{$ipfw_zone_haproxy}.haproxy.rules", true);
}
+function haproxy_plugin_carp($pluginparams) {
+ // called by pfSense when a CARP interface changes its state (called multiple times when multiple interfaces change state)
+ // $pluginparams['type'] always 'carp'
+ // $pluginparams['event'] either 'rc.carpmaster' or 'rc.carpbackup'
+ // $pluginparams['interface'] contains the affected interface
+ $type = $pluginparams['type'];
+ $event = $pluginparams['event'];
+ $interface = $pluginparams['interface'];
+ haproxy_check_run(0);
+}
+
function haproxy_check_run($reload) {
global $config, $g, $haproxy_run_message;
+ $haproxylock = lock("haproxy", LOCK_EX);
$a_global = &$config['installedpackages']['haproxy'];
$configpath = "{$g['varetc_path']}/haproxy";
-
- if(use_transparent_clientip_proxying()) {
- filter_configure();
- load_ipfw_rules();
- } else
- mwexec("/usr/local/sbin/ipfw_context -d haproxy", true);
+ if ($reload)
+ haproxy_writeconf($configpath);
+
if(isset($a_global['enable'])) {
if (isset($a_global['carpdev'])) {
$status = get_carp_interface_status($a_global['carpdev']);
@@ -1153,15 +1219,25 @@ function haproxy_check_run($reload) {
//exec("/bin/pkill -F /var/run/haproxy.pid haproxy");//doesnt work for multiple pid's in a pidfile
haproxy_kill();
}
+ unlock($haproxylock);
return (0);
} else if (haproxy_is_running() && $reload == 0) {
+ unlock($haproxylock);
return (0);
}
log_error("Starting haproxy on CARP master.");
/* fallthrough */
- } else if ($reload == 0)
+ } else if ($reload == 0){
+ unlock($haproxylock);
return (0);
+ }
+ if(use_transparent_clientip_proxying()) {
+ filter_configure();
+ load_ipfw_rules();
+ } else
+ mwexec("/usr/local/sbin/ipfw_context -d haproxy", true);
+
if (haproxy_is_running()) {
if (isset($a_global['terminate_on_reload']))
$sf_st = "-st";//terminate old process as soon as the new process is listening
@@ -1173,14 +1249,15 @@ function haproxy_check_run($reload) {
}
foreach($output as $line)
$haproxy_run_message .= "<br/>" . htmlspecialchars($line) . "\n";
- return ($errcode);
} else {
if ($reload && haproxy_is_running()) {
//exec("/bin/pkill -F /var/run/haproxy.pid haproxy");//doesnt work for multiple pid's in a pidfile
haproxy_kill();
}
- return (0);
+ $errcode = 0;
}
+ unlock($haproxylock);
+ return ($errcode);
}
function haproxy_kill($killimmediately = true) {
@@ -1337,6 +1414,43 @@ function get_frontend_acls($frontend) {
$result[] = $acl_item;
}
}
+
+ $mainfrontend = get_primaryfrontend($frontend);
+ if (strtolower($mainfrontend['type']) == "http" && $mainfrontend['ssloffload']) {
+ $a_acl = &$frontend['ha_acls']['item'];
+ if(!is_array($a_acl))
+ $a_acl=array();
+
+ $poolname = $frontend['backend_serverpool'] . "_" . strtolower($frontend['type']);
+ $aclname = "SNI_" . $poolname;
+ if ($frontend['ssloffloadacl']){
+ $cert = lookup_cert($frontend['ssloffloadcert']);
+ $cert_cn = cert_get_cn($cert['crt']);
+ $descr = haproxy_escape_acl_name($cert['descr']);
+ unset($cert);
+ $acl_item = array();
+ $acl_item['descr'] = "Certificate ACL ".$cert_cn;
+ $acl_item['ref'] = array('name' => "{$aclname}_{$descr}",'expression' => 'host_matches', 'value' => $cert_cn);
+ $result[] = $acl_item;
+ }
+ if ($frontend['ssloffloadacladditional']){
+ $certs = $frontend['ha_certificates']['item'];
+ if (is_array($certs)){
+ if (count($certs) > 0){
+ foreach($certs as $certref){
+ $cert = lookup_cert($certref['ssl_certificate']);
+ $cert_cn = cert_get_cn($cert['crt']);
+ $descr = haproxy_escape_acl_name($cert['descr']);
+ unset($cert);
+ $acl_item = array();
+ $acl_item['descr'] = "Additional certificate ACLs: ".$cert_cn;
+ $acl_item['ref'] = array('name' => "{$aclname}_{$descr}",'expression' => 'host_matches', 'value' => $cert_cn);
+ $result[] = $acl_item;
+ }
+ }
+ }
+ }
+ }
return $result;
}
diff --git a/config/haproxy-devel/haproxy.widget.php b/config/haproxy-devel/haproxy.widget.php
index 7954e404..5d664e81 100644
--- a/config/haproxy-devel/haproxy.widget.php
+++ b/config/haproxy-devel/haproxy.widget.php
@@ -3,7 +3,7 @@
Copyright (C) 2013 PiBa-NL
Copyright 2011 Thomas Schaefer - Tomschaefer.org
Copyright 2011 Marcello Coutinho
- Part of pfSense widgets (www.pfsense.com)
+ Part of pfSense widgets (www.pfsense.org)
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
diff --git a/config/haproxy-devel/haproxy.xml b/config/haproxy-devel/haproxy.xml
index bbc32575..5c534522 100644
--- a/config/haproxy-devel/haproxy.xml
+++ b/config/haproxy-devel/haproxy.xml
@@ -58,76 +58,81 @@
<executable>haproxy</executable>
<description>The Reliable, High Performance TCP/HTTP Load Balancer</description>
</service>
+ <plugins>
+ <item>
+ <type>plugin_carp</type>
+ </item>
+ </plugins>
<configpath>installedpackages->haproxy->config</configpath>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/haproxy-devel/haproxy.inc</item>
+ <item>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/haproxy-devel/haproxy_listeners.php</item>
+ <item>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy_listeners.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/haproxy-devel/haproxy_listeners_edit.php</item>
+ <item>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy_listeners_edit.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/haproxy-devel/haproxy_global.php</item>
+ <item>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy_global.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/haproxy-devel/haproxy_pools.php</item>
+ <item>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy_pools.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/haproxy-devel/haproxy_pool_edit.php</item>
+ <item>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy_pool_edit.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/haproxy-devel/haproxy_stats.php</item>
+ <item>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy_stats.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/haproxy-devel/haproxy_socketinfo.inc</item>
+ <item>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy_socketinfo.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/haproxy-devel/haproxy_xmlrpcsyncclient.inc</item>
+ <item>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy_xmlrpcsyncclient.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/haproxy-devel/haproxy_htmllist.inc</item>
+ <item>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy_htmllist.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/haproxy-devel/haproxy_utils.inc</item>
+ <item>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy_utils.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/widgets/widgets/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/haproxy-devel/haproxy.widget.php</item>
+ <item>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy.widget.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/shortcuts/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/haproxy-devel/pkg_haproxy.inc</item>
+ <item>https://packages.pfsense.org/packages/config/haproxy-devel/pkg_haproxy.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/haproxy-devel/pkg_haproxy_tabs.inc</item>
+ <item>https://packages.pfsense.org/packages/config/haproxy-devel/pkg_haproxy_tabs.inc</item>
</additional_files_needed>
<custom_delete_php_command>
</custom_delete_php_command>
diff --git a/config/haproxy-devel/haproxy_global.php b/config/haproxy-devel/haproxy_global.php
index 8264558f..44f01dc5 100755
--- a/config/haproxy-devel/haproxy_global.php
+++ b/config/haproxy-devel/haproxy_global.php
@@ -2,7 +2,7 @@
/* $Id: load_balancer_pool.php,v 1.5.2.6 2007/03/02 23:48:32 smos Exp $ */
/*
haproxy_global.php
- part of pfSense (http://www.pfsense.com/)
+ part of pfSense (https://www.pfsense.org/)
Copyright (C) 2013 PiBa-NL
Copyright (C) 2009 Scott Ullrich <sullrich@pfsense.com>
Copyright (C) 2008 Remco Hoef <remcoverhoef@pfsense.com>
@@ -36,6 +36,8 @@ require_once("haproxy_utils.inc");
require_once("globals.inc");
require_once("pkg_haproxy_tabs.inc");
+$simplefields = array('localstats_refreshtime','localstats_sticktable_refreshtime');
+
if (!is_array($config['installedpackages']['haproxy']))
$config['installedpackages']['haproxy'] = array();
@@ -68,7 +70,13 @@ if ($_POST) {
$input_errors[] = "The maximum number of connections should be numeric.";
if ($_POST['localstatsport'] && (!is_numeric($_POST['localstatsport'])))
- $input_errors[] = "The local stats port should be numeric.";
+ $input_errors[] = "The local stats port should be numeric or empty.";
+
+ if ($_POST['localstats_refreshtime'] && (!is_numeric($_POST['localstats_refreshtime'])))
+ $input_errors[] = "The local stats refresh time should be numeric or empty.";
+
+ if ($_POST['localstats_sticktable_refreshtime'] && (!is_numeric($_POST['localstats_sticktable_refreshtime'])))
+ $input_errors[] = "The local stats sticktable refresh time should be numeric or empty.";
/*if($_POST['synchost1'] && !is_ipaddr($_POST['synchost1']))
$input_errors[] = "Synchost1 needs to be an IPAddress.";
@@ -93,6 +101,8 @@ if ($_POST) {
$config['installedpackages']['haproxy']['localstatsport'] = $_POST['localstatsport'] ? $_POST['localstatsport'] : false;
$config['installedpackages']['haproxy']['advanced'] = $_POST['advanced'] ? base64_encode($_POST['advanced']) : false;
$config['installedpackages']['haproxy']['nbproc'] = $_POST['nbproc'] ? $_POST['nbproc'] : false;
+ foreach($simplefields as $stat)
+ $config['installedpackages']['haproxy'][$stat] = $_POST[$stat];
touch($d_haproxyconfdirty_path);
write_config();
}
@@ -114,6 +124,8 @@ $pconfig['carpdev'] = $config['installedpackages']['haproxy']['carpdev'];
$pconfig['localstatsport'] = $config['installedpackages']['haproxy']['localstatsport'];
$pconfig['advanced'] = base64_decode($config['installedpackages']['haproxy']['advanced']);
$pconfig['nbproc'] = $config['installedpackages']['haproxy']['nbproc'];
+foreach($simplefields as $stat)
+ $pconfig[$stat] = $config['installedpackages']['haproxy'][$stat];
// defaults
if (!$pconfig['logfacility'])
@@ -162,20 +174,6 @@ function enable_change(enable_change) {
<div id="mainarea">
<table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0">
<tr>
- <td colspan="2" valign="top" class="listtopic">Recalculate certificate chain.</td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">&nbsp;</td>
- <td width="78%" class="vtable">
- <input type="hidden" name="calculate_certificate_chain" id="calculate_certificate_chain" />
- <input type="button" class="formbtn" value="Recalculate certificate chains" onclick="$('calculate_certificate_chain').value='true';document.iform.submit();" />
- <br/>
- This can be required after certificates have been created or imported. As pfSense 2.1.0 currently does not
- always keep track of these dependencies which might be required to create a proper certificate chain when using SSLoffloading.
- </td>
- </tr>
-
- <tr>
<td colspan="2" valign="top" class="listtopic">General settings</td>
</tr>
<tr>
@@ -199,11 +197,17 @@ function enable_change(enable_change) {
</table>
Sets the maximum per-process number of concurrent connections to X.<br/>
<strong>NOTE:</strong> setting this value too high will result in HAProxy not being able to allocate enough memory.<br/>
+ <p>
<?php
$memusage = trim(`ps auxw | grep haproxy | grep -v grep | awk '{ print $5 }'`);
if($memusage)
- echo "<p>Current memory usage: {$memusage} K.</p>";
+ echo "Current memory usage: <b>{$memusage} kB.</b><br/>";
?>
+ Current <a href='/system_advanced_sysctl.php'>'System Tunables'</a> settings.<br/>
+ &nbsp;&nbsp;'kern.maxfiles': <b><?=`sysctl kern.maxfiles | awk '{ print $2 }'`?></b><br/>
+ &nbsp;&nbsp;'kern.maxfilesperproc': <b><?=`sysctl kern.maxfilesperproc | awk '{ print $2 }'`?></b><br/>
+ </p>
+ Full memory usage will only show after all connections have actually been used.
</td><td>
<table style="border: 1px solid #000;">
<tr>
@@ -216,23 +220,29 @@ function enable_change(enable_change) {
</td>
</tr>
<tr>
- <td align="right"><font size=-1>999</font></td>
- <td><font size=-1>1888K</font></td>
+ <td align="right"><font size=-1>1</font></td>
+ <td><font size=-1>50 kB</font></td>
+ </tr>
+ <tr>
+ <td align="right"><font size=-1>1.000</font></td>
+ <td><font size=-1>48 MB</font></td>
</tr>
<tr>
- <td align="right"><font size=-1>99999</font></td>
- <td><font size=-1>8032K</font></td>
+ <td align="right"><font size=-1>10.000</font></td>
+ <td><font size=-1>488 MB</font></td>
</tr>
<tr>
- <td align="right"><font size=-1>999999</font></td>
- <td><font size=-1>50016K</font></td>
+ <td align="right"><font size=-1>100.000</font></td>
+ <td><font size=-1>4,8 GB</font></td>
</tr>
<tr>
- <td align="right"><font size=-1>9999999</font></td>
- <td><font size=-1>467M</font></td>
+ <td colspan="2" style="white-space: nowrap"><font size=-2>Calculated for plain HTTP connections,<br/>using ssl offloading will increase this.</font></td>
</tr>
</table>
</td></tr></table>
+ When setting a high amount of allowed simultaneous connections you will need to add and or increase the following two <b><a href='/system_advanced_sysctl.php'>'System Tunables'</a></b> kern.maxfiles and kern.maxfilesperproc.
+ For HAProxy alone set these to at least the number of allowed connections * 2 + 31. So for 100.000 connections these need to be 200.031 or more to avoid trouble, take into account that handles are also used by other processes when setting kern.maxfiles.
+ <br/>
</td>
</tr>
<tr>
@@ -352,12 +362,25 @@ function enable_change(enable_change) {
</td>
</tr>
<tr>
+ <td width="22%" valign="top" class="vncell">Internal stats refresh rate</td>
+ <td class="vtable">
+ <input name="localstats_refreshtime" type="text" <?if(isset($pconfig['localstats_refreshtime'])) echo "value=\"{$pconfig['localstats_refreshtime']}\"";?> size="10" maxlength="5" /> Seconds, Leave this setting empty to not refresh the page automatically. EXAMPLE: 10
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Sticktable page refresh rate</td>
+ <td class="vtable">
+ <input name="localstats_sticktable_refreshtime" type="text" <?if(isset($pconfig['localstats_sticktable_refreshtime'])) echo "value=\"{$pconfig['localstats_sticktable_refreshtime']}\"";?> size="10" maxlength="5" /> Seconds, Leave this setting empty to not refresh the page automatically. EXAMPLE: 10
+ </td>
+ </tr>
+ <tr>
<td colspan="2" valign="top" class="listtopic">Global Advanced pass thru</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell">&nbsp;</td>
<td width="78%" class="vtable">
- <textarea name='advanced' rows="4" cols="70" id='advanced'><?php echo $pconfig['advanced']; ?></textarea>
+ <? $textrowcount = max(substr_count($pconfig['advanced'],"\n"), 2) + 2; ?>
+ <textarea name='advanced' rows="<?=$textrowcount;?>" cols="70" id='advanced'><?php echo $pconfig['advanced']; ?></textarea>
<br/>
NOTE: paste text into this box that you would like to pass thru in the global settings area.
</td>
@@ -368,6 +391,19 @@ function enable_change(enable_change) {
</td>
</tr>
<tr>
+ <td colspan="2" valign="top" class="listtopic">Recalculate certificate chain.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">&nbsp;</td>
+ <td width="78%" class="vtable">
+ <input type="hidden" name="calculate_certificate_chain" id="calculate_certificate_chain" />
+ <input type="button" class="formbtn" value="Recalculate certificate chains" onclick="$('calculate_certificate_chain').value='true';document.iform.submit();" />(Other changes on this page will be lost)
+ <br/>
+ This can be required after certificates have been created or imported. As pfSense 2.1.0 currently does not
+ always keep track of these dependencies which might be required to create a proper certificate chain when using SSLoffloading.
+ </td>
+ </tr>
+ <tr>
<td colspan="2" valign="top" class="listtopic">Configuration synchronization</td>
</tr>
<tr>
diff --git a/config/haproxy-devel/haproxy_htmllist.inc b/config/haproxy-devel/haproxy_htmllist.inc
index 2e93ca2a..ae46ffd4 100644
--- a/config/haproxy-devel/haproxy_htmllist.inc
+++ b/config/haproxy-devel/haproxy_htmllist.inc
@@ -1,7 +1,7 @@
<?php
/*
haproxy_htmllist.php
- part of pfSense (http://www.pfsense.com/)
+ part of pfSense (https://www.pfsense.org/)
Copyright (C) 2013 PiBa-NL
All rights reserved.
diff --git a/config/haproxy-devel/haproxy_listeners.php b/config/haproxy-devel/haproxy_listeners.php
index 2a1f12e6..b259c6fb 100644
--- a/config/haproxy-devel/haproxy_listeners.php
+++ b/config/haproxy-devel/haproxy_listeners.php
@@ -2,7 +2,7 @@
/* $Id: load_balancer_virtual_server.php,v 1.6.2.1 2006/01/02 23:46:24 sullrich Exp $ */
/*
haproxy_listeners.php
- part of pfSense (http://www.pfsense.com/)
+ part of pfSense (https://www.pfsense.org/)
Copyright (C) 2013 PiBa-NL
Copyright (C) 2009 Scott Ullrich <sullrich@pfsense.com>
Copyright (C) 2008 Remco Hoef <remcoverhoef@pfsense.com>
@@ -167,18 +167,14 @@ include("head.inc");
$acls = get_frontend_acls($frontend);
$isaclset = "";
foreach ($acls as $acl) {
- $isaclset .= "&#10;" . $acl['descr'];
+ $isaclset .= "&#10;" . htmlspecialchars($acl['descr']);
}
- if ($frontend['ssloffloadacl'])
- $isaclset .= "&#10;" . "Certificate ACL";
- if ($frontend['ssloffloadacladditional'])
- $isaclset .= "&#10;" . "Additional certificate ACLs";
if ($isaclset)
echo "<img src=\"$img_acl\" title=\"" . gettext("acl's used") . ": {$isaclset}\" border=\"0\" />";
$isadvset = "";
- if ($frontend['advanced_bind']) $isadvset .= "Advanced bind: {$frontend['advanced_bind']}\r\n";
+ if ($frontend['advanced_bind']) $isadvset .= "Advanced bind: ".htmlspecialchars($frontend['advanced_bind'])."\r\n";
if ($frontend['advanced']) $isadvset .= "Advanced pass thru setting used\r\n";
if ($isadvset)
echo "<img src=\"$img_adv\" title=\"" . gettext("Advanced settings set") . ": {$isadvset}\" border=\"0\" />";
diff --git a/config/haproxy-devel/haproxy_listeners_edit.php b/config/haproxy-devel/haproxy_listeners_edit.php
index bd0f93d5..5bc039b7 100644
--- a/config/haproxy-devel/haproxy_listeners_edit.php
+++ b/config/haproxy-devel/haproxy_listeners_edit.php
@@ -2,7 +2,7 @@
/* $Id: load_balancer_pool_edit.php,v 1.24.2.23 2007/03/03 00:07:09 smos Exp $ */
/*
haproxy_listeners_edit.php
- part of pfSense (http://www.pfsense.com/)
+ part of pfSense (https://www.pfsense.org/)
Copyright (C) 2009 Scott Ullrich <sullrich@pfsense.com>
Copyright (C) 2008 Remco Hoef <remcoverhoef@pfsense.com>
Copyright (C) 2013 PiBa-NL merging (some of the) "haproxy-devel" changes from: Marcello Coutinho <marcellocoutinho@gmail.com>
@@ -57,8 +57,6 @@ function haproxy_js_acl_select($mode) {
return $seltext;
}
-$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty";
-
if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) {
$config['installedpackages']['haproxy']['ha_backends']['item'] = array();
}
@@ -80,6 +78,12 @@ if (isset($_GET['dup']))
$id = get_frontend_id($id);
+if (!is_numeric($id))
+{
+ //default value for new items.
+ $pconfig['ssloffloadacl'] = "yes";
+}
+
$servercerts = get_certificates_server();
$fields_sslCertificates=array();
@@ -151,8 +155,8 @@ if ($_POST) {
$ports = split(",", $_POST['port'] . ",");
foreach($ports as $port)
- if ($port && !is_numeric($port))
- $input_errors[] = "The field 'Port' value is not a number.";
+ if ($port && !is_numeric($port) && !is_portoralias($port))
+ $input_errors[] = "The field 'Port' value '".htmlspecialchars($port)."' is not a number or alias thereof.";
if ($_POST['client_timeout'] !== "" && !is_numeric($_POST['client_timeout']))
$input_errors[] = "The field 'Client timeout' value is not a number.";
@@ -227,17 +231,13 @@ $pfSversion = str_replace("\n", "", file_get_contents("/etc/version"));
if(strstr($pfSversion, "1.2"))
$one_two = true;
-if (!$id)
-{
- //default value for new items.
- $pconfig['ssloffloadacl'] = "yes";
-}
-
$closehead = false;
$pgtitle = "HAProxy: Frontend: Edit";
include("head.inc");
-$primaryfrontends = get_haproxy_frontends($pconfig['name']);
+if (!isset($_GET['dup']))
+ $excludefrontend = $pconfig['name'];
+$primaryfrontends = get_haproxy_frontends($excludefrontend);
$interfaces = haproxy_get_bindable_interfaces();
?>
@@ -247,6 +247,8 @@ $interfaces = haproxy_get_bindable_interfaces();
.haproxy_primary{}
.haproxy_secondary{display:none;}
</style>
+ <script type="text/javascript" src="/javascript/suggestions.js"></script>
+ <script type="text/javascript" src="/javascript/autosuggest.js"></script>
</head>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
@@ -255,7 +257,6 @@ $interfaces = haproxy_get_bindable_interfaces();
<script type="text/javascript" src="/javascript/scriptaculous/scriptaculous.js"></script>
<?php endif; ?>
-
<script type="text/javascript">
function htmllist_get_select_options(tableId) {
var seltext;
@@ -444,8 +445,8 @@ $interfaces = haproxy_get_bindable_interfaces();
<tr class="haproxy_primary" align="left">
<td width="22%" valign="top" class="vncellreq">External port</td>
<td width="78%" class="vtable" colspan="2">
- <input name="port" type="text" <?if(isset($pconfig['port'])) echo "value=\"{$pconfig['port']}\"";?> size="10" maxlength="500" />
- <div>The port to listen to. To specify multiple ports, separate with a comma (,). EXAMPLE: 80,443</div>
+ <input name="port" id="port" type="text" <?if(isset($pconfig['port'])) echo "value=\"{$pconfig['port']}\"";?> size="10" maxlength="500" />
+ <div>The port to listen to. To specify multiple ports, separate with a comma (,). EXAMPLE: 80,8000</div>
</td>
</tr>
<tr class="haproxy_primary" align="left">
@@ -546,7 +547,8 @@ $interfaces = haproxy_get_bindable_interfaces();
<tr align="left">
<td width="22%" valign="top" class="vncell">Advanced pass thru</td>
<td width="78%" class="vtable" colspan="2">
- <textarea name='advanced' rows="4" cols="70" id='advanced'><?php echo htmlspecialchars($pconfig['advanced']); ?></textarea>
+ <? $textrowcount = max(substr_count($pconfig['advanced'],"\n"), 2) + 2; ?>
+ <textarea name='advanced' rows="<?=$textrowcount;?>" cols="70" id='advanced'><?php echo htmlspecialchars($pconfig['advanced']); ?></textarea>
<br/>
NOTE: paste text into this box that you would like to pass thru.
</td>
@@ -597,7 +599,7 @@ $interfaces = haproxy_get_bindable_interfaces();
<tr class="haproxy_ssloffloading_enabled haproxy_primary" align="left">
<td width="22%" valign="top" class="vncell">Advanced ssl options</td>
<td width="78%" class="vtable" colspan="2">
- <input type='text' name='dcertadv' size="64" id='dcertadv' <?if(isset($pconfig['dcertadv'])) echo "value=\"{$pconfig['dcertadv']}\"";?> maxlength="64" />
+ <input type='text' name='dcertadv' size="64" id='dcertadv' <?if(isset($pconfig['dcertadv'])) echo 'value="'.htmlspecialchars($pconfig['dcertadv']).'"';?> />
<br/>
NOTE: Paste additional ssl options(without commas) to include on ssl listening options.<br/>
some options: force-sslv3, force-tlsv10 force-tlsv11 force-tlsv12 no-sslv3 no-tlsv10 no-tlsv11 no-tlsv12 no-tls-tickets
@@ -638,6 +640,9 @@ $interfaces = haproxy_get_bindable_interfaces();
<script type="text/javascript">
totalrows = <?php echo $counter; ?>;
updatevisibility();
+
+ var customarray = <?= json_encode(get_alias_list(array("port", "url_ports", "urltable_ports"))) ?>;
+ var oTextbox1 = new AutoSuggestControl(document.getElementById("port"), new StateSuggestions(customarray));
</script>
<?php
haproxy_htmllist_js();
diff --git a/config/haproxy-devel/haproxy_pool_edit.php b/config/haproxy-devel/haproxy_pool_edit.php
index 9b64df87..726dab30 100644
--- a/config/haproxy-devel/haproxy_pool_edit.php
+++ b/config/haproxy-devel/haproxy_pool_edit.php
@@ -2,7 +2,7 @@
/* $Id: load_balancer_pool_edit.php,v 1.24.2.23 2007/03/03 00:07:09 smos Exp $ */
/*
haproxy_pool_edit.php
- part of pfSense (http://www.pfsense.com/)
+ part of pfSense (https://www.pfsense.org/)
Copyright (C) 2013 PiBa-NL
Copyright (C) 2009 Scott Ullrich <sullrich@pfsense.com>
Copyright (C) 2008 Remco Hoef <remcoverhoef@pfsense.com>
@@ -221,12 +221,8 @@ if ($_POST) {
$pool['ha_servers']['item']=$a_servers;
- update_if_changed("name", $pool['name'], $_POST['name']);
- update_if_changed("cookie", $pool['cookie'], $_POST['cookie']);
update_if_changed("advanced", $pool['advanced'], base64_encode($_POST['advanced']));
update_if_changed("advanced_backend", $pool['advanced_backend'], base64_encode($_POST['advanced_backend']));
- update_if_changed("checkinter", $pool['checkinter'], $_POST['checkinter']);
- update_if_changed("monitor_uri", $pool['monitor_uri'], $_POST['monitor_uri']);
global $simplefields;
foreach($simplefields as $stat)
@@ -308,6 +304,18 @@ foreach($simplefields as $field){
}
}
}
+ function toggleCSSdisplay(cssID)
+ {
+ var ss = document.styleSheets;
+ for (var i=0; i<ss.length; i++) {
+ var rules = ss[i].cssRules || ss[i].rules;
+ for (var j=0; j<rules.length; j++) {
+ if (rules[j].selectorText === cssID) {
+ rules[j].style.display = rules[j].style.display == "none" ? "" : "none";
+ }
+ }
+ }
+ }
function updatevisibility()
{
@@ -383,11 +391,36 @@ foreach($simplefields as $field){
</tr>
<tr align="left">
<td class="vncell" colspan="3"><strong>Server list</strong>
+ <span style="float:right;">
+ Toggle serverlist help. <a onclick="toggleCSSdisplay('.haproxy_help_serverlist');" title="<?php echo gettext("Help"); ?>"><img style="vertical-align:middle" src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_help.gif" border="0" alt="help" /></a>
+ </span>
<?
$counter=0;
$a_servers = $pconfig['a_servers'];
haproxy_htmllist("tableA_servers", $a_servers, $fields_servers);
?>
+ <table class="haproxy_help_serverlist" style="border:1px dashed green" cellspacing="0">
+ <tr><td class="vncell">
+ Mode: </td><td class="vncell">Active: server will be used normally<br/>
+ Backup: server is only used in load balancing when all other non-backup servers are unavailable<br/>
+ Disabled: server is marked down in maintenance mode<br/>
+ Inactive: server will not be available for use
+ </td></tr><tr><td class="vncell">
+ Name: </td><td class="vncell">Used to as a name for the server in for example the stats<br/>EXAMPLE: MyWebServer
+ </td></tr><tr><td class="vncell">
+ Address: </td><td class="vncell">IP or hostname(only resolved on start-up.)<br/>EXAMPLE: 192.168.1.22 , fe80::1000:2000:3000:4000%em0 , WebServer1.localdomain
+ </td></tr><tr><td class="vncell">
+ Port: </td><td class="vncell">The port of the backend.<br/>EXAMPLE: 80 or 443<br/>
+ </td></tr><tr><td class="vncell">
+ SSL: </td><td class="vncell">Is the backend using SSL (commonly with port 443)<br/>
+ </td></tr><tr><td class="vncell">
+ Weight: </td><td class="vncell">A weight between 0 and 256, this setting can be used when multiple servers on different hardware need to be balanced with with a different part the traffic. A server with weight 0 wont get new traffic. Default if empty: 1
+ </td></tr><tr><td class="vncell">
+ Cookie: </td><td class="vncell">the value of the cookie used to identify a server (only when cookie-persistence is enabled below)
+ </td></tr><tr><td class="vncell">
+ Advanced: </td><td class="vncell">More advanced settings like rise,fall,error-limit,send-proxy and others can be configured here.<br/>For a full list of options see the <a target="_blank" href="http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#5.2">HAProxy manual: Server and default-server options</a>
+ </td></tr>
+ </table>
</td>
</tr>
<tr align="left">
@@ -459,6 +492,7 @@ foreach($simplefields as $field){
<tr align="left">
<td width="22%" valign="top" class="vncell">Transparent ClientIP</td>
<td width="78%" class="vtable" colspan="2">
+ WARNING Activating this option will load rules in IPFW and might interfere with CaptivePortal and possibly other services due to the way server return traffic must be 'captured' with a automatically created fwd rule. This also breaks directly accessing the (web)server on the ports configured above. Also a automatic sloppy pf rule is made to allow HAProxy to server traffic.<br/>
<input id="transparent_clientip" name="transparent_clientip" type="checkbox" value="yes" <?php if ($pconfig['transparent_clientip']=='yes') echo "checked"; ?> onclick='updatevisibility();' />
Use Client-IP to connect to backend servers.
<div class="haproxy_transparent_clientip">
@@ -479,13 +513,13 @@ foreach($simplefields as $field){
For proper workings this requires the reply's traffic to pass through pfSense by means of correct routing.
(uses the option "source 0.0.0.0 usesrc clientip")
<br/><br/>
- Note : When this is enabled for a single backend HAProxy will run as 'root', which reduces security.
+ Note : When this is enabled for a single backend HAProxy will run as 'root' instead of chrooting to a lower privileged user, this reduces security in case of a a bit.
</td>
</tr>
<tr align="left">
<td width="22%" valign="top" class="vncell">Per server pass thru</td>
<td width="78%" class="vtable" colspan="2">
- <input type="text" name='advanced' id='advanced' value='<?php echo $pconfig['advanced']; ?>' size="64" />
+ <input type="text" name='advanced' id='advanced' value='<?php echo htmlspecialchars($pconfig['advanced']); ?>' size="64" />
<br/>
NOTE: paste text into this box that you would like to pass thru. Applied to each 'server' line.
</td>
@@ -494,7 +528,8 @@ foreach($simplefields as $field){
<tr align="left">
<td width="22%" valign="top" class="vncell">Backend pass thru</td>
<td width="78%" class="vtable" colspan="2">
- <textarea rows="4" cols="70" name='advanced_backend' id='advanced_backend'><?php echo $pconfig['advanced_backend']; ?></textarea>
+ <? $textrowcount = max(substr_count($pconfig['advanced_backend'],"\n"), 2) + 2; ?>
+ <textarea rows="<?=$textrowcount;?>" cols="70" name='advanced_backend' id='advanced_backend'><?php echo htmlspecialchars($pconfig['advanced_backend']); ?></textarea>
<br/>
NOTE: paste text into this box that you would like to pass thru. Applied to the backend section.
</td>
@@ -629,10 +664,10 @@ set by the 'retries' parameter.</div>
</td>
</tr>
<tr><td>&nbsp;</td></tr>
- <tr>
+ <tr>
<td colspan="2" valign="top" class="listtopic">Cookie persistence</td>
- </tr>
- <tr align="left">
+ </tr>
+ <tr align="left">
<td width="22%" valign="top" class="vncell">Cookie Enabled</td>
<td width="78%" class="vtable" colspan="2">
<input id="persist_cookie_enabled" name="persist_cookie_enabled" type="checkbox" value="yes" <?php if ($pconfig['persist_cookie_enabled']=='yes') echo "checked"; ?> onclick='updatevisibility();' />
@@ -664,7 +699,7 @@ set by the 'retries' parameter.</div>
<br/>
<textarea readonly="yes" cols="60" rows="2" id="persist_cookie_mode_description" name="persist_cookie_mode_description" style="padding:5px; border:1px dashed #990000; background-color: #ffffff; color: #000000; font-size: 8pt;"></textarea>
</td>
- </tr>
+ </tr>
<tr class="haproxy_cookie_visible" align="left">
<td width="22%" valign="top" class="vncell">Cookie Cachable</td>
<td width="78%" class="vtable" colspan="2">
@@ -673,11 +708,11 @@ set by the 'retries' parameter.</div>
</td>
</tr>
<tr><td>&nbsp;</td></tr>
- <tr>
+ <tr>
<td colspan="2" valign="top" class="listtopic">Stick-table persistence</td>
- </tr>
+ </tr>
<tr><td class="vncell"></td><td class="vncell">These options are used to make sure seperate requests from a single client go to the same backend. This can be required for servers that keep track of for example a shopping cart.</td></tr>
- <tr align="left">
+ <tr align="left">
<td width="22%" valign="top" class="vncell">Stick tables</td>
<td width="78%" class="vtable" colspan="2">
<?
diff --git a/config/haproxy-devel/haproxy_pools.php b/config/haproxy-devel/haproxy_pools.php
index 01655006..15567807 100644
--- a/config/haproxy-devel/haproxy_pools.php
+++ b/config/haproxy-devel/haproxy_pools.php
@@ -2,7 +2,7 @@
/* $Id: load_balancer_virtual_server.php,v 1.6.2.1 2006/01/02 23:46:24 sullrich Exp $ */
/*
haproxy_pools.php
- part of pfSense (http://www.pfsense.com/)
+ part of pfSense (https://www.pfsense.org/)
Copyright (C) 2013 PiBa-NL
Copyright (C) 2009 Scott Ullrich <sullrich@pfsense.com>
Copyright (C) 2008 Remco Hoef <remcoverhoef@pfsense.com>
diff --git a/config/haproxy-devel/haproxy_socketinfo.inc b/config/haproxy-devel/haproxy_socketinfo.inc
index 5c6e847d..6beb17c5 100644
--- a/config/haproxy-devel/haproxy_socketinfo.inc
+++ b/config/haproxy-devel/haproxy_socketinfo.inc
@@ -3,7 +3,7 @@
Copyright (C) 2013 PiBa-NL
Copyright 2011 Thomas Schaefer - Tomschaefer.org
Copyright 2011 Marcello Coutinho
- Part of pfSense widgets (www.pfsense.com)
+ Part of pfSense widgets (www.pfsense.org)
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
diff --git a/config/haproxy-devel/haproxy_stats.php b/config/haproxy-devel/haproxy_stats.php
index 8ad04c92..cbf5b2b2 100644
--- a/config/haproxy-devel/haproxy_stats.php
+++ b/config/haproxy-devel/haproxy_stats.php
@@ -1,7 +1,7 @@
<?php
/*
haproxy_stats.php
- part of pfSense (http://www.pfsense.com/)
+ part of pfSense (https://www.pfsense.org/)
Copyright (C) 2013 PiBa-NL
All rights reserved.
@@ -65,7 +65,8 @@ if (isset($_GET['haproxystats']) || isset($_GET['scope']) || (isset($_POST) && i
}
require_once("guiconfig.inc");
if (isset($_GET['showsticktablecontent'])){
- header("Refresh: 2");
+ if (is_numeric($pconfig['localstats_sticktable_refreshtime']))
+ header("Refresh: {$pconfig['localstats_sticktable_refreshtime']}");
}
$shortcut_section = "haproxy";
require_once("haproxy.inc");
@@ -163,7 +164,7 @@ include("head.inc");
if (isset($_GET['showsticktablecontent'])){
$sticktablename = $_GET['showsticktablecontent'];
echo "<td colspan='2'>";
- echo "TESTJe<br/>";
+ echo "Contents of the sticktable: $sticktablename<br/>";
$res = haproxy_socket_command("show table $sticktablename");
foreach($res as $line){
echo "<br/>".print_r($line,true);
diff --git a/config/haproxy-devel/haproxy_utils.inc b/config/haproxy-devel/haproxy_utils.inc
index 058efc98..03bd434f 100644
--- a/config/haproxy-devel/haproxy_utils.inc
+++ b/config/haproxy-devel/haproxy_utils.inc
@@ -1,7 +1,7 @@
<?php
/*
haproxy_utils.php
- part of pfSense (http://www.pfsense.com/)
+ part of pfSense (https://www.pfsense.org/)
Copyright (C) 2013 PiBa-NL
All rights reserved.