Merge branch 'develop' into MAX-324

Markus Makela
2015-01-30 20:58:57 +02:00
20 changed files with 110 additions and 193 deletions


@ -9,7 +9,7 @@ set_maxscale_version()
set(CMAKE_INSTALL_PREFIX "/usr/local/skysql/maxscale" CACHE PATH "Prefix prepended to install directories.") set(CMAKE_INSTALL_PREFIX "/usr/local/skysql/maxscale" CACHE PATH "Prefix prepended to install directories.")
set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} "${CMAKE_SOURCE_DIR}/") set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} "${CMAKE_SOURCE_DIR}/cmake")
project(MaxScale) project(MaxScale)
@ -26,11 +26,9 @@ set(CMAKE_INSTALL_RPATH ${CMAKE_INSTALL_RPATH}:${CMAKE_INSTALL_PREFIX}/lib:${CMA
file(MAKE_DIRECTORY ${CMAKE_BINARY_DIR}/server/include) file(MAKE_DIRECTORY ${CMAKE_BINARY_DIR}/server/include)
configure_file(${CMAKE_SOURCE_DIR}/server/include/version.h.in ${CMAKE_BINARY_DIR}/server/include/version.h) configure_file(${CMAKE_SOURCE_DIR}/server/include/version.h.in ${CMAKE_BINARY_DIR}/server/include/version.h)
configure_file(${CMAKE_SOURCE_DIR}/maxscale.conf.in ${CMAKE_BINARY_DIR}/maxscale.conf.prep @ONLY)
configure_file(${CMAKE_SOURCE_DIR}/etc/init.d/maxscale.in ${CMAKE_BINARY_DIR}/etc/init.d/maxscale.prep @ONLY)
configure_file(${CMAKE_SOURCE_DIR}/etc/ubuntu/init.d/maxscale.in ${CMAKE_BINARY_DIR}/etc/ubuntu/init.d/maxscale.prep @ONLY)
configure_file(${CMAKE_SOURCE_DIR}/server/test/maxscale_test.h.in ${CMAKE_BINARY_DIR}/server/include/maxscale_test.h) configure_file(${CMAKE_SOURCE_DIR}/server/test/maxscale_test.h.in ${CMAKE_BINARY_DIR}/server/include/maxscale_test.h)
configure_file(${CMAKE_SOURCE_DIR}/postinstall.sh.in ${CMAKE_BINARY_DIR}/postinstall.sh) configure_file(${CMAKE_SOURCE_DIR}/etc/postinst.in ${CMAKE_BINARY_DIR}/postinst)
configure_file(${CMAKE_SOURCE_DIR}/etc/postrm.in ${CMAKE_BINARY_DIR}/postrm)
set(CMAKE_C_FLAGS "-Wall -fPIC") set(CMAKE_C_FLAGS "-Wall -fPIC")
set(CMAKE_CXX_FLAGS "-Wall -fPIC") set(CMAKE_CXX_FLAGS "-Wall -fPIC")
@ -102,23 +100,6 @@ add_subdirectory(server)
if(NOT WITHOUT_MAXADMIN) if(NOT WITHOUT_MAXADMIN)
add_subdirectory(client) add_subdirectory(client)
endif() endif()
if(BUILD_RABBITMQ)
find_package(RabbitMQ)
add_subdirectory(rabbitmq_consumer)
endif()
# Install startup scripts and ldconfig files
if( NOT ( (DEFINED INSTALL_SYSTEM_FILES) AND ( NOT ( INSTALL_SYSTEM_FILES ) ) ) )
install(FILES ${CMAKE_BINARY_DIR}/maxscale.conf.prep RENAME maxscale.conf DESTINATION .)
if(DEB_BASED)
install(FILES ${CMAKE_BINARY_DIR}/etc/ubuntu/init.d/maxscale.prep RENAME maxscale DESTINATION .)
else()
install(FILES ${CMAKE_BINARY_DIR}/etc/init.d/maxscale.prep RENAME maxscale DESTINATION .)
endif()
message(STATUS "Installing maxscale.conf to: /etc/ld.so.conf.d")
message(STATUS "Installing startup scripts to: /etc/init.d")
endif()
file(GLOB DOCS Documentation/*.pdf) file(GLOB DOCS Documentation/*.pdf)
message(STATUS "Installing MaxScale to: ${CMAKE_INSTALL_PREFIX}/") message(STATUS "Installing MaxScale to: ${CMAKE_INSTALL_PREFIX}/")
@ -132,50 +113,69 @@ install(FILES ${CMAKE_SOURCE_DIR}/LICENSE DESTINATION .)
install(FILES ${CMAKE_SOURCE_DIR}/SETUP DESTINATION .) install(FILES ${CMAKE_SOURCE_DIR}/SETUP DESTINATION .)
install(DIRECTORY DESTINATION log) install(DIRECTORY DESTINATION log)
if(${CMAKE_VERSION} VERSION_LESS 2.8.12) # Install startup scripts and ldconfig files
message(WARNING "CMake version is ${CMAKE_VERSION}. Building of packages requires version 2.8.12 or greater.") if( NOT ( (DEFINED INSTALL_SYSTEM_FILES) AND ( NOT ( INSTALL_SYSTEM_FILES ) ) ) )
else() configure_file(${CMAKE_SOURCE_DIR}/maxscale.conf.in ${CMAKE_BINARY_DIR}/maxscale.conf @ONLY)
# See if we are on a RPM-capable or DEB-capable system if(DEB_BASED)
find_program(RPMBUILD rpmbuild) configure_file(${CMAKE_SOURCE_DIR}/etc/ubuntu/init.d/maxscale.in ${CMAKE_BINARY_DIR}/maxscale @ONLY)
find_program(DEBBUILD dpkg-buildpackage) else()
set(CPACK_GENERATOR "TGZ") configure_file(${CMAKE_SOURCE_DIR}/etc/init.d/maxscale.in ${CMAKE_BINARY_DIR}/maxscale @ONLY)
if(NOT ( ${RPMBUILD} STREQUAL "RPMBUILD-NOTFOUND" ) )
message(STATUS "Generating RPM packages")
set(CPACK_GENERATOR "${CPACK_GENERATOR};RPM")
endif() endif()
if(NOT PACKAGE)
if(NOT ( ${DEBBUILD} STREQUAL "DEBBUILD-NOTFOUND" ) ) install(FILES ${CMAKE_BINARY_DIR}/maxscale DESTINATION /etc/init.d
set(CPACK_GENERATOR "${CPACK_GENERATOR};DEB") PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
execute_process(COMMAND dpgk --print-architecture OUTPUT_VARIABLE DEB_ARCHITECTURE) install(FILES ${CMAKE_BINARY_DIR}/maxscale.conf DESTINATION /etc/ld.so.conf.d
set(CPACK_DEBIAN_PACKAGE_ARCHITECTURE ${DEB_ARCHITECTURE}) PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
set (CPACK_DEBIAN_PACKAGE_SHLIBDEPS ON) message(STATUS "Installing maxscale.conf to: /etc/ld.so.conf.d")
message(STATUS "Generating DEB packages for ${DEB_ARCHITECTURE}") message(STATUS "Installing startup scripts to: /etc/init.d")
endif() endif()
set(CPACK_PACKAGE_DESCRIPTION_SUMMARY "MaxScale")
set(CPACK_PACKAGE_VERSION_MAJOR "${MAXSCALE_VERSION_MAJOR}")
set(CPACK_PACKAGE_VERSION_MINOR "${MAXSCALE_VERSION_MINOR}")
set(CPACK_PACKAGE_VERSION_PATCH "${MAXSCALE_VERSION_PATCH}")
set(CPACK_PACKAGE_CONTACT "MariaDB Corporation Ab")
set(CPACK_PACKAGE_FILE_NAME "maxscale-${MAXSCALE_VERSION}")
set(CPACK_PACKAGE_NAME "maxscale")
set(CPACK_PACKAGE_VENDOR "MariaDB Corporation Ab")
set(CPACK_PACKAGE_DESCRIPTION_FILE ${CMAKE_SOURCE_DIR}/README)
set(CPACK_PACKAGING_INSTALL_PREFIX "${CMAKE_INSTALL_PREFIX}")
set(CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA ${CMAKE_BINARY_DIR}/postinstall.sh)
set(CPACK_RPM_POST_INSTALL_SCRIPT_FILE ${CMAKE_BINARY_DIR}/postinstall.sh)
set(CPACK_RPM_POST_UNINSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/postuninstall.sh)
set(CPACK_RPM_PACKAGE_NAME "maxscale")
set(CPACK_RPM_PACKAGE_VENDOR "MariaDB Corporation Ab")
set(CPACK_RPM_PACKAGE_LICENSE "GPLv2")
set(CPACK_RPM_EXCLUDE_FROM_AUTO_FILELIST_ADDITION "/etc /etc/ld.so.conf.d /etc/init.d /etc/rc.d/init.d")
set(CPACK_RPM_SPEC_MORE_DEFINE "%define ignore \#")
set(CPACK_RPM_USER_FILELIST "%ignore /etc/init.d")
set(CPACK_RPM_USER_FILELIST "%ignore /etc/ld.so.conf.d")
set(CPACK_RPM_USER_FILELIST "%ignore /etc")
include(CPack)
endif() endif()
if(PACKAGE)
if(${CMAKE_VERSION} VERSION_LESS 2.8.12)
message(WARNING "CMake version is ${CMAKE_VERSION}. Building of packages requires version 2.8.12 or greater.")
else()
# See if we are on a RPM-capable or DEB-capable system
find_program(RPMBUILD rpmbuild)
find_program(DEBBUILD dpkg-buildpackage)
set(CPACK_GENERATOR "TGZ")
if(NOT ( ${RPMBUILD} STREQUAL "RPMBUILD-NOTFOUND" ) )
message(STATUS "Generating RPM packages")
set(CPACK_GENERATOR "${CPACK_GENERATOR};RPM")
endif()
if(NOT ( ${DEBBUILD} STREQUAL "DEBBUILD-NOTFOUND" ) )
set(CPACK_GENERATOR "${CPACK_GENERATOR};DEB")
execute_process(COMMAND dpgk --print-architecture OUTPUT_VARIABLE DEB_ARCHITECTURE)
set(CPACK_DEBIAN_PACKAGE_ARCHITECTURE ${DEB_ARCHITECTURE})
set (CPACK_DEBIAN_PACKAGE_SHLIBDEPS ON)
message(STATUS "Generating DEB packages for ${DEB_ARCHITECTURE}")
endif()
set(CPACK_PACKAGE_DESCRIPTION_SUMMARY "MaxScale")
set(CPACK_PACKAGE_VERSION_MAJOR "${MAXSCALE_VERSION_MAJOR}")
set(CPACK_PACKAGE_VERSION_MINOR "${MAXSCALE_VERSION_MINOR}")
set(CPACK_PACKAGE_VERSION_PATCH "${MAXSCALE_VERSION_PATCH}")
set(CPACK_PACKAGE_CONTACT "MariaDB Corporation Ab")
set(CPACK_PACKAGE_FILE_NAME "maxscale-${MAXSCALE_VERSION}")
set(CPACK_PACKAGE_NAME "maxscale")
set(CPACK_PACKAGE_VENDOR "MariaDB Corporation Ab")
set(CPACK_PACKAGE_DESCRIPTION_FILE ${CMAKE_SOURCE_DIR}/etc/DESCRIPTION)
set(CPACK_PACKAGING_INSTALL_PREFIX "${CMAKE_INSTALL_PREFIX}")
set(CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA "${CMAKE_BINARY_DIR}/postinst;{CMAKE_BINARY_DIR}/postrm")
set(CPACK_RPM_POST_INSTALL_SCRIPT_FILE ${CMAKE_BINARY_DIR}/postinst)
set(CPACK_RPM_POST_UNINSTALL_SCRIPT_FILE ${CMAKE_BINARY_DIR}/postrm)
set(CPACK_RPM_PACKAGE_NAME "maxscale")
set(CPACK_RPM_PACKAGE_VENDOR "MariaDB Corporation Ab")
set(CPACK_RPM_PACKAGE_LICENSE "GPLv2")
set(CPACK_RPM_EXCLUDE_FROM_AUTO_FILELIST_ADDITION "/etc /etc/ld.so.conf.d /etc/init.d /etc/rc.d/init.d")
set(CPACK_RPM_SPEC_MORE_DEFINE "%define ignore \#")
set(CPACK_RPM_USER_FILELIST "%ignore /etc/init.d")
set(CPACK_RPM_USER_FILELIST "%ignore /etc/ld.so.conf.d")
set(CPACK_RPM_USER_FILELIST "%ignore /etc")
include(CPack)
endif()
endif()
add_custom_target(buildtests add_custom_target(buildtests
COMMAND ${CMAKE_COMMAND} -DDEPS_OK=Y -DBUILD_TESTS=Y -DBUILD_TYPE=Debug -DCMAKE_INSTALL_PREFIX=${CMAKE_BINARY_DIR} -DINSTALL_SYSTEM_FILES=N ${CMAKE_SOURCE_DIR} COMMAND ${CMAKE_COMMAND} -DDEPS_OK=Y -DBUILD_TESTS=Y -DBUILD_TYPE=Debug -DCMAKE_INSTALL_PREFIX=${CMAKE_BINARY_DIR} -DINSTALL_SYSTEM_FILES=N ${CMAKE_SOURCE_DIR}
@ -193,7 +193,7 @@ add_custom_target(testall
# uninstall target # uninstall target
# see http://www.cmake.org/Wiki/CMake_FAQ#Can_I_do_.22make_uninstall.22_with_CMake.3F # see http://www.cmake.org/Wiki/CMake_FAQ#Can_I_do_.22make_uninstall.22_with_CMake.3F
configure_file( configure_file(
"${CMAKE_CURRENT_SOURCE_DIR}/cmake_uninstall.cmake.in" "${CMAKE_CURRENT_SOURCE_DIR}/cmake/cmake_uninstall.cmake.in"
"${CMAKE_CURRENT_BINARY_DIR}/cmake_uninstall.cmake" "${CMAKE_CURRENT_BINARY_DIR}/cmake_uninstall.cmake"
IMMEDIATE @ONLY) IMMEDIATE @ONLY)
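Review bot: In the `if(PACKAGE)` block, `CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA` is set to `"${CMAKE_BINARY_DIR}/postinst;{CMAKE_BINARY_DIR}/postrm"`; the second entry is missing its `$`, so CPack receives the literal path `{CMAKE_BINARY_DIR}/postrm` and the DEB package would presumably ship without its removal script. It should read `set(CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA "${CMAKE_BINARY_DIR}/postinst;${CMAKE_BINARY_DIR}/postrm")`. In the same block the architecture probe runs `dpgk --print-architecture`, which looks like a misspelling of `dpkg`; as written `DEB_ARCHITECTURE` stays empty, and once corrected the call needs `OUTPUT_STRIP_TRAILING_WHITESPACE` to drop the trailing newline. The `install(FILES ${CMAKE_BINARY_DIR}/maxscale.conf DESTINATION /etc/ld.so.conf.d ...)` line also grants execute bits to a plain configuration file, where `OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ` is sufficient.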

etc/DESCRIPTION Normal file

@ -0,0 +1,9 @@
The MariaDB Corporation MaxScale is an intelligent proxy that allows forwarding of
database statements to one or more database servers using complex rules,
a semantic understanding of the database statements and the roles of
the various servers within the backend cluster of databases.
MaxScale is designed to provide load balancing and high availability
functionality transparently to the applications. In addition it provides
a highly scalable and flexibile architecture, with plugin components to
support different protocols and routing decissions.


@ -2,4 +2,4 @@ add_executable(testlog testlog.c)
add_executable(testorder testorder.c) add_executable(testorder testorder.c)
target_link_libraries(testlog pthread log_manager utils) target_link_libraries(testlog pthread log_manager utils)
target_link_libraries(testorder pthread log_manager utils) target_link_libraries(testorder pthread log_manager utils)
add_test(NAME TestLogOrder COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/logorder.sh ${CMAKE_CURRENT_BINARY_DIR}/test.log 500 0 500 ${CMAKE_CURRENT_BINARY_DIR}) add_test(NAME TestLogOrder COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/logorder.sh 200 0 1000 ${CMAKE_CURRENT_BINARY_DIR}/logorder.log)


@ -7,14 +7,13 @@ then
exit exit
fi fi
rm *.log
if [ $# -eq 5 ] if [ $# -eq 5 ]
then then
TDIR=$5 TDIR=$5
else else
TDIR=$PWD TDIR=$PWD
fi fi
rm $TDIR/*.log
#Create large messages #Create large messages
@ -71,8 +70,5 @@ else
echo "Error: block buffer messages were written in the wrong order" >> $TESTLOG echo "Error: block buffer messages were written in the wrong order" >> $TESTLOG
fi fi
if [ $# -eq 5 ] cat $TESTLOG
then exit $all_errors
cat $TESTLOG
exit $all_errors
fi
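Review bot: `rm $TDIR/*.log` expands `TDIR` unquoted, so a directory name containing spaces is split into several arguments and `rm` acts on paths other than the intended one; it also reports an error when no log file exists yet. Prefer `rm -f -- "$TDIR"/*.log`, and quote `"$TESTLOG"` in the `cat` and `>>` lines of the last hunk as well. The script appears to end unconditionally with `exit $all_errors` now; `all_errors` is assigned outside the visible hunks, so confirm it is initialised on every path, because an empty expansion turns this into a bare `exit` that returns the status of `cat`.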


@ -62,6 +62,9 @@ macro(set_variables)
# Build tests # Build tests
set(BUILD_TESTS FALSE CACHE BOOL "Build tests") set(BUILD_TESTS FALSE CACHE BOOL "Build tests")
# Build packages
set(PACKAGE FALSE CACHE BOOL "Enable package building (this disables local installation of system files)")
endmacro() endmacro()
macro(check_deps) macro(check_deps)


@ -2,7 +2,7 @@ if(${ERRMSG} MATCHES "ERRMSG-NOTFOUND")
message(FATAL_ERROR "The errmsg.sys file was not found, please define the path with -DERRMSG=<path>") message(FATAL_ERROR "The errmsg.sys file was not found, please define the path with -DERRMSG=<path>")
else() else()
if(${CMAKE_VERSION} VERSION_LESS 2.8) if(${CMAKE_VERSION} VERSION_LESS 2.8)
execute_process(COMMAND cp ${ERRMSG} ${CMAKE_CURRENT_BINARY_DIR}) execute_process(COMMAND ${CMAKE_COMMAND} -E copy ${ERRMSG} ${CMAKE_CURRENT_BINARY_DIR})
else() else()
file(COPY ${ERRMSG} DESTINATION ${CMAKE_CURRENT_BINARY_DIR}) file(COPY ${ERRMSG} DESTINATION ${CMAKE_CURRENT_BINARY_DIR})
endif() endif()
@ -11,4 +11,4 @@ endif()
add_subdirectory(canonical_tests) add_subdirectory(canonical_tests)
add_executable(classify classify.c) add_executable(classify classify.c)
target_link_libraries(classify query_classifier fullcore) target_link_libraries(classify query_classifier fullcore)
add_test(TestQueryClassifier classify ${CMAKE_CURRENT_SOURCE_DIR}/input.sql ${CMAKE_CURRENT_SOURCE_DIR}/expected.sql) add_test(TestQueryClassifier classify ${CMAKE_CURRENT_SOURCE_DIR}/input.sql ${CMAKE_CURRENT_SOURCE_DIR}/expected.sql)
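Review bot: The `execute_process(COMMAND ${CMAKE_COMMAND} -E copy ${ERRMSG} ${CMAKE_CURRENT_BINARY_DIR})` call captures no result, so a failed copy of errmsg.sys on the pre-2.8 branch passes silently at configure time and presumably surfaces only when the test runs. Add a `RESULT_VARIABLE` and stop with `message(FATAL_ERROR ...)` when it is non-zero. Quoting the two paths as `"${ERRMSG}" "${CMAKE_CURRENT_BINARY_DIR}"` keeps a path with spaces as one argument. The enclosing `if`/`else` starts before the hunk.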


@ -44,8 +44,22 @@ int main(int argc, char** argv)
} }
input = fopen(argv[1],"rb"); input = fopen(argv[1],"rb");
if(input == NULL)
{
printf("Error: Failed to open input file %s", argv[1]);
return 1;
}
expected = fopen(argv[2],"rb"); expected = fopen(argv[2],"rb");
if(expected == NULL)
{
fclose(input);
printf("Error: Failed to open expected output file %s", argv[2]);
return 1;
}
while((rd = fread(buffer,sizeof(char),1023,input))){ while((rd = fread(buffer,sizeof(char),1023,input))){
/**Fill the read buffer*/ /**Fill the read buffer*/
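Review bot: The two new error paths report through `printf` with no trailing newline, so the diagnostic lands on stdout and runs into whatever output follows it. Send it to stderr and terminate the line, e.g. `fprintf(stderr, "Error: Failed to open input file %s\n", argv[1]);`, and the same for the expected-output message. `main` starts before and continues after the hunk, so whether `input` and `expected` are closed on the later exit paths cannot be checked from here.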


@ -3,10 +3,11 @@ include(../macros.cmake)
enable_testing() enable_testing()
set_variables() set_variables()
set(CMAKE_INSTALL_PREFIX "/usr/local/skysql/rabbitmq-consumer" CACHE PATH "Prefix prepended to install directories.") set(CMAKE_INSTALL_PREFIX "/usr/local/skysql/rabbitmq-consumer" CACHE PATH "Prefix prepended to install directories.")
set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} "${CMAKE_SOURCE_DIR}/../") set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} "${CMAKE_SOURCE_DIR}/../cmake")
project("RabbitMQ Consumer") project("RabbitMQ Consumer")
configure_file(${CMAKE_SOURCE_DIR}/consumer.c ${CMAKE_BINARY_DIR}/consumer.c)
find_package(RabbitMQ) find_package(RabbitMQ)
find_package(MySQLClient) find_package(MySQLClient)
@ -14,9 +15,10 @@ find_package(MySQLClient)
set(CMAKE_C_FLAGS "-Wall -fPIC") set(CMAKE_C_FLAGS "-Wall -fPIC")
set(CMAKE_CXX_FLAGS "-Wall -fPIC") set(CMAKE_CXX_FLAGS "-Wall -fPIC")
include_directories(${MYSQLCLIENT_HEADERS}) include_directories(${MYSQLCLIENT_HEADERS})
include_directories(${RABBITMQ_HEADERS})
include_directories(inih) include_directories(inih)
add_subdirectory(inih) add_subdirectory(inih)
add_executable (consumer consumer.c) add_executable (consumer ${CMAKE_BINARY_DIR}/consumer.c)
if(MYSQLCLIENT_FOUND) if(MYSQLCLIENT_FOUND)
target_link_libraries(consumer ${MYSQLCLIENT_LIBRARIES} rabbitmq inih ssl crypt crypto dl z m pthread) target_link_libraries(consumer ${MYSQLCLIENT_LIBRARIES} rabbitmq inih ssl crypt crypto dl z m pthread)
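Review bot: `configure_file(${CMAKE_SOURCE_DIR}/consumer.c ${CMAKE_BINARY_DIR}/consumer.c)` runs a C source through full variable substitution, so any `${...}` sequence in consumer.c is rewritten along with the intended `@CMAKE_INSTALL_PREFIX@` placeholder. Restrict it to `@VAR@` references with `configure_file(${CMAKE_SOURCE_DIR}/consumer.c ${CMAKE_BINARY_DIR}/consumer.c @ONLY)`. `find_package(RabbitMQ)` is not `REQUIRED`, so `include_directories(${RABBITMQ_HEADERS})` may receive an unset or `-NOTFOUND` value; whether the find module reports that itself is not visible here. The `if(MYSQLCLIENT_FOUND)` block continues past the hunk.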


@ -1,8 +0,0 @@
#Use the '-I' prefix for include and '-L' for library directories
#You can use multiple library and include directories
#Path to the rabbitmq-c and mysqlclient libraries
LIBRARY_DIRS :=-L/usr/lib64
#path to headers
INCLUDE_DIRS :=-I/usr/include -I/usr/include/mysql


@ -337,6 +337,7 @@ int main(int argc, char** argv)
MYSQL db_inst; MYSQL db_inst;
char ch, *cnfname = NULL, *cnfpath = NULL; char ch, *cnfname = NULL, *cnfpath = NULL;
static const char* fname = "consumer.cnf"; static const char* fname = "consumer.cnf";
const char* default_path = "@CMAKE_INSTALL_PREFIX@/etc";
if((c_inst = calloc(1,sizeof(CONSUMER))) == NULL){ if((c_inst = calloc(1,sizeof(CONSUMER))) == NULL){
fprintf(stderr, "Fatal Error: Cannot allocate enough memory.\n"); fprintf(stderr, "Fatal Error: Cannot allocate enough memory.\n");
@ -359,6 +360,12 @@ int main(int argc, char** argv)
} }
} }
if(cnfpath == NULL)
{
cnfpath = strdup(default_path);
cnfnlen = strlen(default_path);
}
cnfname = calloc(cnfnlen + strlen(fname) + 1,sizeof(char)); cnfname = calloc(cnfnlen + strlen(fname) + 1,sizeof(char));
if(cnfpath){ if(cnfpath){
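Review bot: `default_path` has no trailing slash, and the buffer allocated directly after the new block is sized `cnfnlen + strlen(fname) + 1`, which holds the path, the file name and the terminator only. If the code inside `if(cnfpath){` (outside this hunk) inserts a `/` between the two, the default path would write one byte past the allocation; `calloc(cnfnlen + strlen(fname) + 2, sizeof(char))` leaves room for the separator. The result of `strdup(default_path)` is also unchecked, so on allocation failure `cnfpath` stays NULL while `cnfnlen` is already set. Testing it with `if((cnfpath = strdup(default_path)) == NULL)` and reusing the fatal-error handling applied to `c_inst` keeps the two in step.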


@ -1,6 +1,8 @@
if(BUILD_RABBITMQ) if(BUILD_RABBITMQ)
find_package(RabbitMQ)
include_directories(${RABBITMQ_HEADERS})
add_library(mqfilter SHARED mqfilter.c) add_library(mqfilter SHARED mqfilter.c)
target_link_libraries(mqfilter query_classifier log_manager utils rabbitmq) target_link_libraries(mqfilter query_classifier log_manager utils ${RABBITMQ_LIBRARIES})
install(TARGETS mqfilter DESTINATION modules) install(TARGETS mqfilter DESTINATION modules)
endif() endif()
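Review bot: `find_package(RabbitMQ)` is called without `REQUIRED` and its outcome is never tested. When the library is missing, `${RABBITMQ_HEADERS}` and `${RABBITMQ_LIBRARIES}` are then used unset or as `-NOTFOUND`, and the failure appears only at compile or link time. The block is already gated on `BUILD_RABBITMQ`, so `find_package(RabbitMQ REQUIRED)` fits, provided the project's find module honours the flag; otherwise check its found variable and stop with `message(FATAL_ERROR ...)`.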


@ -1,108 +0,0 @@
Firewall filter
# Overview
The firewall filter is used to block queries that match a set of rules. It can be used to prevent harmful queries into the database or to limit the access to the database based on a more defined set of rules compared to the traditional GRANT-based rights management.
# Configuration
The firewall filter only requires a minimal set of configurations in the MaxScale.cnf file. The actual rules of the firewall filter are located in a separate text file. The following is an example of a firewall filter configuration in the MaxScale.cnf file.
[Firewall]
type=filter
module=fwfilter
rules=/home/user/rules.txt
## Filter Options
The firewall filter does not support anny filter options.
## Filter Parameters
The firewall filter has one mandatory parameter that defines the location of the rule file. This is the 'rules' parameter and it expects an absolute path to the rule file.
# Rule syntax
The rules are defined by using the following syntax.
` rule NAME deny [wildcard | columns VALUE ... |
regex REGEX | limit_queries COUNT TIMEPERIOD HOLDOFF |
no_where_clause] [at_times VALUE...] [on_queries [select|update|insert|delete]]`
Rules always define a blocking action so the basic mode for the firewall filter is to allow all queries that do not match a given set of rules. Rules are identified by their name and have a mandatory part and optional parts.
The first step of defining a rule is to start with the keyword 'rule' which identifies this line of text as a rule. The second token is identified as the name of the rule. After that the mandatory token 'deny' is required to mark the start of the actual rule definition.
## Mandator rule parameters
The firewall filter's rules expect a single mandatory parameter for a rule. You can define multiple rules to cover situations where you would like to apply multiple mandatory rules to a query.
### Wildcard
This rule blocks all queries that use the wildcard character *.
### Columns
This rule expects a list of values after the 'columns' keyword. These values are interpreted as column names and if a query targets any of these, it is blocked.
### Regex
This rule blocks all queries matching a regex enclosed in single or double quotes.
### Limit_queries
The limit_queries rule expects three parameters. The first parameter is the number of allowed queries during the time period. The second is the time period in seconds and the third is the amount of time for which the rule is considered active and blocking.
### No_where_clause
This rule inspects the query and blocks it if it has no where clause. This way you can't do a DELETE FROM ... query without having the where clause. This does not prevent wrongful usage of the where clause e.g. DELETE FROM ... WHERE 1=1.
## Optional rule parameters
Each mandatory rule accepts one or more optional parameters. These are to be defined after the mandatory part of the rule.
### At_times
This rule expects a list of time ranges that define the times when the rule in question is active. The time formats are expected to be ISO-8601 compliant and to be separated by a single dash (the - character). For example defining the active period of a rule to be 17:00 to 19:00 you would add 'at times 17:00:00-19:00:00' to the end of the rule.
### On_queries
This limits the rule to be active only on certain types of queries.
## Applying rules to users
To apply the defined rules to users use the following syntax.
`users NAME ... match [any|all] rules RULE ...`
The first keyword is users which identifies this line as a user definition line. After this a list of usernames and network addresses in the format 'user@0.0.0.0' is expected. The first part is the username and the second part is the network address. You can use the '%' character as the wildcard to enable username matching from any address or network matching for all users. After the list of users and networks the keyword match is expected. After this either the keyword 'any' or 'all' is expected. This defined how the rules are matched. If 'any' is used when the first rule is matched the query is considered blocked and the rest of the rules are skipped. If instead the 'all' keyword is used all rules must match for the query to be blocked.
After the matching part comes the rules keyword after which a list of rule names is expected. This allows reusing of the rules and enables varying levels of query restriction.
# Examples
## Example rule file
The following is an example of a rule file which defines six rules and applies them to three sets of users. This rule file is used in all of the examples.
rule block_wildcard deny wildcard at_times 8:00:00-17:00:00
rule no_personal_info deny columns phone salary address on_queries select|delete at_times 12:00:00-18:00:00
rule simple_regex deny regex '.*insert.*into.*select.*'
rule dos_block deny limit_queries 10000 1.0 500.0 at_times 12:00:00-18:00:00
rule safe_delete deny no_where_clause on_queries delete
rule managers_table deny regex '.*from.*managers.*'
users John@% Jane@% match any rules no_personal_info block_wildcard
users %@80.120.% match any rules block_wildcard dos_block
users %@% match all rules safe_delete managers_table
## Example 1 - Deny access to personal information and prevent huge queries during peak hours
Assume that a database cluster with tables that have a large number of columns is under heavy load during certain times of the day. Now also assume that large selects and querying of personal information creates unwanted stress on the cluster. Now we wouldn't want to completely prevent all the users from accessing personal information or performing large select queries, we only want to block the users John and Jane.
This can be achieved by creating two rules. One that blocks the usage of the wildcard and one that prevents queries that target a set of columns. To apply these rules to the users we define a users line into the rule file with both the rules and all the users we want to apply the rules to. The rules are defined in the example rule file on line 1 and 2 and the users line is defined on line 7.
## Example 2 - Only safe deletes into the managers table
We want to prevent accidental deletes into the managers table where the where clause is missing. This poses a problem, we don't want to require all the delete queries to have a where clause. We only want to prevent the data in the managers table from being deleted without a where clause.
To achieve this, we need two rules. The first rule can be seen on line 5 in the example rule file. This defines that all delete operations must have a where clause. This rule alone does us no good so we need a second one. The second rule is defined on line 6 and it blocks all queries that match the provided regular expression. When we combine these two rules we get the result we want. You can see the application of these rules on line 9 of the example rule file. The usage of the 'all' matching mode requires that all the rules must match for the query to be blocked. This in effect combines the two rules into a more complex rule.


@ -36,7 +36,7 @@
* *
* logging_trigger Set the logging level * logging_trigger Set the logging level
* logging_strict Sets whether to trigger when any of the parameters match or only if all parameters match * logging_strict Sets whether to trigger when any of the parameters match or only if all parameters match
* logging_log_all Log only SELECT, UPDATE, DELETE and INSERT or all posddible queries * logging_log_all Log only SELECT, UPDATE, DELETE and INSERT or all possible queries
* hostname The server hostname where the messages are sent * hostname The server hostname where the messages are sent
* port Port to send the messages to * port Port to send the messages to
* username Server login username * username Server login username