relayd port to linux

classic Classic list List threaded Threaded
13 messages Options
Reply | Threaded
Open this post in threaded view
|

relayd port to linux

Aleksandar Lazic-11
Dear Listmember,

due to the fact that openssh and some other parts of openbsd are ported
to linux maybe you can tell me if you plan to make a openrelayd which is
able to compile on linux.

I'am willing to try it by my self, maybe you can help me to miss the
most common pitfalls ;-).

thanks

Aleks

Reply | Threaded
Open this post in threaded view
|

Re: relayd port to linux

Theo de Raadt
> due to the fact that openssh and some other parts of openbsd are ported
> to linux maybe you can tell me if you plan to make a openrelayd which is
> able to compile on linux.

relayd depends deeply on pf.

so the answer is no.

Reply | Threaded
Open this post in threaded view
|

Re: relayd port to linux

Joe McDonagh
In reply to this post by Aleksandar Lazic-11
I can only imagine Reyk's face if he saw this.

On 11/05/2010 11:54 AM, Aleksandar Lazic wrote:

> Dear Listmember,
>
> due to the fact that openssh and some other parts of openbsd are ported
> to linux maybe you can tell me if you plan to make a openrelayd which is
> able to compile on linux.
>
> I'am willing to try it by my self, maybe you can help me to miss the
> most common pitfalls ;-).
>
> thanks
>
> Aleks
>


--
Joe McDonagh
AIM: YoosingYoonickz
IRC: joe-mac on freenode
"When the going gets weird, the weird turn pro."

Reply | Threaded
Open this post in threaded view
|

Re: relayd port to linux

Aleksandar Lazic-11
In reply to this post by Theo de Raadt
On Fre 05.11.2010 10:45, Theo de Raadt wrote:
>> due to the fact that openssh and some other parts of openbsd are
>> ported to linux maybe you can tell me if you plan to make a
>> openrelayd which is able to compile on linux.
>
>relayd depends deeply on pf.
>
>so the answer is no.

ok, sorry for rush.

Do you know a good replacement for stunnel with http-header rewrite on
non openbsd OS?!

Reply | Threaded
Open this post in threaded view
|

Re: relayd port to linux

Rod Whitworth-3
On Fri, 5 Nov 2010 22:31:42 +0100, Aleksandar Lazic wrote:

>On Fre 05.11.2010 10:45, Theo de Raadt wrote:
>>> due to the fact that openssh and some other parts of openbsd are
>>> ported to linux maybe you can tell me if you plan to make a
>>> openrelayd which is able to compile on linux.
>>
>>relayd depends deeply on pf.
>>
>>so the answer is no.
>
>ok, sorry for rush.
>
>Do you know a good replacement for stunnel with http-header rewrite on
>non openbsd OS?!
>

1: Would you ask a linux mailing list for advice about a program to run
on a non-linux OS?

2: Is your Google key broken?


*** NOTE *** Please DO NOT CC me. I <am> subscribed to the list.
Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou.

Rod/
---
This life is not the real thing.
It is not even in Beta.
If it was, then OpenBSD would already have a man page for it.

Reply | Threaded
Open this post in threaded view
|

Re: relayd port to linux

Ted Unangst-2
In reply to this post by Aleksandar Lazic-11
http://en.wikipedia.org/wiki/Reverse_proxy

On Fri, Nov 5, 2010 at 5:31 PM, Aleksandar Lazic <[hidden email]> wrote:

> On Fre 05.11.2010 10:45, Theo de Raadt wrote:
>>>
>>> due to the fact that openssh and some other parts of openbsd are
>>> ported to linux maybe you can tell me if you plan to make a
>>> openrelayd which is able to compile on linux.
>>
>> relayd depends deeply on pf.
>>
>> so the answer is no.
>
> ok, sorry for rush.
>
> Do you know a good replacement for stunnel with http-header rewrite on
> non openbsd OS?!

Reply | Threaded
Open this post in threaded view
|

Re: relayd port to linux

Marco Peereboom
In reply to this post by Aleksandar Lazic-11
On Fri, Nov 05, 2010 at 10:31:42PM +0100, Aleksandar Lazic wrote:

> On Fre 05.11.2010 10:45, Theo de Raadt wrote:
> >>due to the fact that openssh and some other parts of openbsd are
> >>ported to linux maybe you can tell me if you plan to make a
> >>openrelayd which is able to compile on linux.
> >
> >relayd depends deeply on pf.
> >
> >so the answer is no.
>
> ok, sorry for rush.
>
> Do you know a good replacement for stunnel with http-header rewrite on
> non openbsd OS?!

You could run openbsd and be done with it.  Unlike linux is doesn't suck
so that helps that decision.

Reply | Threaded
Open this post in threaded view
|

Re: relayd port to linux

Joe McDonagh
In reply to this post by Aleksandar Lazic-11
On 11/05/2010 05:31 PM, Aleksandar Lazic wrote:

> On Fre 05.11.2010 10:45, Theo de Raadt wrote:
>>> due to the fact that openssh and some other parts of openbsd are
>>> ported to linux maybe you can tell me if you plan to make a
>>> openrelayd which is able to compile on linux.
>>
>> relayd depends deeply on pf.
>>
>> so the answer is no.
>
> ok, sorry for rush.
>
> Do you know a good replacement for stunnel with http-header rewrite on
> non openbsd OS?!
>
Well, besides Marco being right about the best Unix system for
networking out there (OpenBSD, keep in mind I manage a lot of reenucksh
systems too), I would check out nginx or mod_proxy_balancer. I am big
into puppet (uses ssl for communication), and I load balance with
mod_proxy_balancer, and I know a lot of people who use nginx (but not me).

--
--
Joe McDonagh
Operations Engineer
AIM: YoosingYoonickz
IRC: joe-mac on freenode
"When the going gets weird, the weird turn pro."

Reply | Threaded
Open this post in threaded view
|

Re: relayd port to linux

Claer-2
On Sat, Nov 06 2010 at 51:01, Joe McDonagh wrote:

> On 11/05/2010 05:31 PM, Aleksandar Lazic wrote:
> >On Fre 05.11.2010 10:45, Theo de Raadt wrote:
> >>>due to the fact that openssh and some other parts of openbsd are
> >>>ported to linux maybe you can tell me if you plan to make a
> >>>openrelayd which is able to compile on linux.
> >>
> >>relayd depends deeply on pf.
> >>
> >>so the answer is no.
> >
> >ok, sorry for rush.
> >
> >Do you know a good replacement for stunnel with http-header rewrite on
> >non openbsd OS?!
> >
> Well, besides Marco being right about the best Unix system for
> networking out there (OpenBSD, keep in mind I manage a lot of
> reenucksh systems too), I would check out nginx or
> mod_proxy_balancer. I am big into puppet (uses ssl for
> communication), and I load balance with mod_proxy_balancer, and I
> know a lot of people who use nginx (but not me).
Move your puppet to apache+passenger instead of starting serveral
mongrel instances. It is much simpler to manage.


Claer


> --
> --
> Joe McDonagh
> Operations Engineer
> AIM: YoosingYoonickz
> IRC: joe-mac on freenode
> "When the going gets weird, the weird turn pro."

Reply | Threaded
Open this post in threaded view
|

Re: relayd port to linux

Aleksandar Lazic-11
In reply to this post by Joe McDonagh
On Sam 06.11.2010 01:51, Joe McDonagh wrote:

> On 11/05/2010 05:31 PM, Aleksandar Lazic wrote:
>>
>> Do you know a good replacement for stunnel with http-header rewrite
>> on non openbsd OS?!
>>
> Well, besides Marco being right about the best Unix system for
> networking out there (OpenBSD, keep in mind I manage a lot of
> reenucksh systems too), I would check out nginx or
> mod_proxy_balancer. I am big into puppet (uses ssl for communication),
> and I load balance with mod_proxy_balancer, and I know a lot of people
> who use nginx (but not me).

Thanks for all your answers.

It was only a idea to have another small handy tool like stunnel for ssl
termination only.

Normally I use nginx (proxy module can't use keepalive) or delegate for
this.

Reply | Threaded
Open this post in threaded view
|

Re: relayd port to linux

Joe McDonagh
In reply to this post by Claer-2
> Move your puppet to apache+passenger instead of starting serveral
> mongrel instances. It is much simpler to manage.
>
>
> Claer
>    
I guess that depends on your definition of simple; I've done this setup but there are version incompatibilities that make it a PITA. I would definitely like to move to it, but it just seems too finicky.

--
Joe McDonagh
Operations Engineer
AIM: YoosingYoonickz
IRC: joe-mac on freenode
"When the going gets weird, the weird turn pro."

Reply | Threaded
Open this post in threaded view
|

Re: relayd port to linux

Bret S. Lambert-2
On Sat, Nov 06, 2010 at 03:08:12PM -0400, Joe McDonagh wrote:
> >Move your puppet to apache+passenger instead of starting serveral
> >mongrel instances. It is much simpler to manage.
> >
> >
> >Claer
> I guess that depends on your definition of simple; I've done this setup but there are version incompatibilities that make it a PITA. I would definitely like to move to it, but it just seems too finicky.

Had to work through those, but a half hour of mix-n-match should see
you through. One of the annoyances you get paid to deal with.

There are (some and incomplete, sadly) version issues detailed
on the puppet website[1], and gems is easy enough to use to
install ruby apps.

FWIW, I've got puppet 2.6.1 running on passenger 2.2.15


[1] http://projects.puppetlabs.com/projects/1/wiki/Using_Passenger

>
> --
> Joe McDonagh
> Operations Engineer
> AIM: YoosingYoonickz
> IRC: joe-mac on freenode
> "When the going gets weird, the weird turn pro."

Reply | Threaded
Open this post in threaded view
|

[OT] Re: relayd port to linux

Toni Mueller-10
In reply to this post by Aleksandar Lazic-11
On Fri, 05.11.2010 at 16:54:00 +0100, Aleksandar Lazic <[hidden email]> wrote:
> due to the fact that openssh and some other parts of openbsd are ported
> to linux maybe you can tell me if you plan to make a openrelayd which is
> able to compile on linux.
>
> I'am willing to try it by my self, maybe you can help me to miss the
> most common pitfalls ;-).

Look at HA-Proxy.