aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMarcello Coutinho <marcellocoutinho@gmail.com>2014-11-24 20:43:57 -0200
committerMarcello Coutinho <marcellocoutinho@gmail.com>2014-11-24 20:43:57 -0200
commit2dc85fc7519fe17550841919a6a1447495561e4c (patch)
tree256566dd05f3682b5a24de8375ee4101eae97581
parenta0e6733ec5638d12bdef256bdba7b1439cd56bfe (diff)
downloadpfsense-packages-2dc85fc7519fe17550841919a6a1447495561e4c.tar.gz
pfsense-packages-2dc85fc7519fe17550841919a6a1447495561e4c.tar.bz2
pfsense-packages-2dc85fc7519fe17550841919a6a1447495561e4c.zip
varnish - fixes for pfsense 2.2 and widget improvements
-rw-r--r--config/varnish3/varnish.inc29
-rwxr-xr-xconfig/varnish3/varnish.widget.php73
-rw-r--r--config/varnish3/varnish_settings.xml11
3 files changed, 79 insertions, 34 deletions
diff --git a/config/varnish3/varnish.inc b/config/varnish3/varnish.inc
index 813d61cf..bca02203 100644
--- a/config/varnish3/varnish.inc
+++ b/config/varnish3/varnish.inc
@@ -34,12 +34,15 @@
/* ========================================================================== */
$shortcut_section = "varnish";
-$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
-if ($pf_version > 2.0)
- define('VARNISH_LOCALBASE', '/usr/pbi/varnish-' . php_uname("m"));
-else
- define('VARNISH_LOCALBASE','/usr/local');
-
+$pfs_version = substr(trim(file_get_contents("/etc/version")),0,3);
+if (is_dir('/usr/pbi/varnish-' . php_uname("m"))) {
+ if ($pfs_version == 2.2)
+ define('VARNISH_LOCALBASE', '/usr/pbi/varnish-' . php_uname("m")."/local");
+ else
+ define('VARNISH_LOCALBASE', '/usr/pbi/varnish-' . php_uname("m"));
+} else {
+ define('VARNISH_LOCALBASE','/usr/local');
+}
function varnish_settings_post_validate($post, &$input_errors) {
if( !is_numeric($post['storagesize']))
@@ -463,7 +466,18 @@ function sync_package_varnish() {
$vcl_recv_set_basic .= "\tset req.http.X-Forwarded-For = req.http.X-Forwarded-For + \",\" + client.ip;\n\n";
break;
case 'create':
- $vcl_recv_set_basic .= "\tset req.http.X-Forwarded-Varnish = client.ip;\n\n";
+ $vcl_acls="acl SslOffloadServers {\n\t\"localhost\";";
+ $sslservers= split (" ",$vcl['ssloffload']);
+ foreach ($sslservers as $sslserver){
+ if (preg_match("/(\S+)\/(d+)/",$sslserver,$sslm))
+ $vcl_acls.="\n\t\"{$sslm[1]}\"/{$sslm[2]};";
+ else
+ $vcl_acls.="\n\t\"{$sslserver}\";";
+ }
+ $vcl_acls.="}\n";
+ $vcl_recv_set_basic .= "\tif (req.http.X-Forwarded-For && client.ip ~ SslOffloadServers){\n\t\t";
+ $vcl_recv_set_basic .= "set req.http.X-Forwarded-Varnish = req.http.X-Forwarded-For;\n\t}";
+ $vcl_recv_set_basic .= "else{\n\t\tset req.http.X-Forwarded-Varnish = client.ip;\n\n\t}";
break;
case 'unset':
$vcl_recv_set_basic .= "\tunset req.http.X-Forwarded-For;\n\n";
@@ -578,6 +592,7 @@ sub vcl_error {
{$backends}
{$vcl_hash}
+{$vcl_acls}
sub vcl_recv {
{$vcl_recv_early}
{$vcl_recv_set_basic}
diff --git a/config/varnish3/varnish.widget.php b/config/varnish3/varnish.widget.php
index b675f416..c6fdfe78 100755
--- a/config/varnish3/varnish.widget.php
+++ b/config/varnish3/varnish.widget.php
@@ -48,35 +48,56 @@ $img['Healthy']="<img src ='/themes/{$g['theme']}/images/icons/icon_interface_up
?><div id='varnish'><?php
open_table();
-if ($config['installedpackages']['varnishsettings']['config'][0])
- $mgm=$config['installedpackages']['varnishsettings']['config'][0]['managment'];
-if ($mgm != ""){
- print "<pre>";
- print "<td class=\"vncellt\"width=30%><strong>Cache hits</strong></td>";
- print "<td class=\"vncellt\"width=30%><strong>Cache hits pass</strong></td>";
- print "<td class=\"vncellt\"width=30%><strong>Cache Missed</strong></td></tr>";
+print "<pre>";
+print "<td class=\"vncellt\"width=30%><strong>Cache hits</strong></td>";
+print "<td class=\"vncellt\"width=30%><strong>Cache hits pass</strong></td>";
+print "<td class=\"vncellt\"width=30%><strong>Cache Missed</strong></td></tr>";
+$backends=exec("varnishstat -1",$debug);
+foreach ($debug as $line){
+ if (preg_match("/(\S+)\s+(\d+)/",$line,$matches))
+ $vs[$matches[1]]=$matches[2];
+ }
+print "<td class=\"listlr\">".number_format($vs['cache_hit']) ."</td>";
+print "<td class=\"listlr\">".number_format($vs['cache_hitpass']) ."</td>";
+print "<td class=\"listlr\">".number_format($vs['cache_miss'])."</td></tr>";
+close_table();
- $backends=exec("varnishadm -T " . escapeshellarg($mgm) . " stats",$debug);
- foreach ($debug as $line){
- if (preg_match("/(\d+)\s+Cache\s+(hits.for|hits|misses)/",$line,$matches))
- $cache[preg_replace("/\s+/","",$matches[2])]=$matches[1];
- if (preg_match("/(\d+)\s+Client\s+(\w+)/",$line,$matches))
- $client[$matches[2]]=$matches[1];
- }
- print "<td class=\"listlr\">".$cache['hits'] ."</td>";
- print "<td class=\"listlr\">".$cache['hitsfor'] ."</td>";
- print "<td class=\"listlr\">".$cache['misses']."</td></tr>";
- close_table();
+open_table();
+print "<td class=\"vncellt\" width=30%><strong>Conn. Accepted</strong></td>";
+print "<td class=\"vncellt\" width=30%><strong>Req. received</strong></td>";
+print "<td class=\"vncellt\" width=30%><strong>Uptime</strong></td></tr>";
+print "<td class=\"listlr\">".number_format($vs['client_conn']) ."</td>";
+print "<td class=\"listlr\">".number_format($vs['client_req']) ."</td>";
+print "<td class=\"listlr\">".(int)($vs['uptime'] / 86400) . "+ ". gmdate("H:i:s",($vs['uptime'] % 86400))."</td></tr>";
+close_table();
- open_table();
- print "<td class=\"vncellt\" width=30%><strong>Conn. Accepted</strong></td>";
- print "<td class=\"vncellt\" width=30%><strong>Req. received</strong></td>";
- print "<td class=\"vncellt\" width=30%><strong>Uptime</strong></td></tr>";
- print "<td class=\"listlr\">".$client['connections'] ."</td>";
- print "<td class=\"listlr\">".$client['requests'] ."</td>";
- print "<td class=\"listlr\">".$client['uptime']."</td></tr>";
- close_table();
+open_table();
+print "<td class=\"vncellt\" width=70%><strong>Host</strong></td>";
+print "<td class=\"vncellt\" width=15%><strong>Header(Rx)</strong></td>";
+print "<td class=\"vncellt\" width=15%><strong>Header(Tx)</strong></td></tr>";
+unset($debug);
+$backends=exec("varnishtop -I '^Host:' -1",$debug);
+foreach ($debug as $line){
+ if (preg_match("/(\S+)\s+(\w+)Header.Host: (\S+)/",$line,$lm))
+ $varnish_hosts[$lm[3]][$lm[2]]=$lm[1];
+}
+if (is_array($varnish_hosts)){
+ foreach ($varnish_hosts as $v_key=>$v_value){
+ print "<td class=\"listlr\">". $v_key ."</td>";
+ print "<td class=\"listlr\" align=\"Right\">". number_format($v_value['Rx']) ."</td>";
+ print "<td class=\"listlr\" align=\"Right\">".number_format($v_value['Tx'])."</td></tr>";
+ }
+}
+else{
+ print "<td class=\"listlr\">No traffic</td><td class=\"listlr\"></td><td class=\"listlr\"></td></tr>";
+}
+close_table();
+
+
+if ($config['installedpackages']['varnishsettings']['config'][0])
+ $mgm=$config['installedpackages']['varnishsettings']['config'][0]['managment'];
+if ($mgm != ""){
open_table();
print "<td class=\"vncellt\" width=30%><strong>Backend</strong></td>";
print "<td class=\"vncellt\" width=30%><strong>LB applied</strong></td>";
diff --git a/config/varnish3/varnish_settings.xml b/config/varnish3/varnish_settings.xml
index d957714d..99e29663 100644
--- a/config/varnish3/varnish_settings.xml
+++ b/config/varnish3/varnish_settings.xml
@@ -223,7 +223,7 @@
<field>
<fielddescr>Foward client IP</fielddescr>
<fieldname>xforward</fieldname>
- <description>Select how to forward clients real IP.</description>
+ <description><![CDATA[Select how to forward clients real IP.]]></description>
<type>select</type>
<options>
<option><name>set X-Forwarded-For</name><value>set</value></option>
@@ -233,6 +233,15 @@
</options>
</field>
<field>
+ <fielddescr>SSL Offload server ACL</fielddescr>
+ <fieldname>ssloffload</fieldname>
+ <description><![CDATA[Use <b>x-forwarded-for</b> var instead of <b>client.ip</b> to set <b>X-Forwarded-Varnish</b> on Forward<br>
+ SSL offload servers must be configured to forward client info. if not set you can get a blank var forwarded to backend.<br>
+ use space to specify more then one host or network.]]></description>
+ <type>input</type>
+ <size>30</size>
+ </field>
+ <field>
<fielddescr>Fetch Grace</fielddescr>
<fieldname>grace</fieldname>
<description><![CDATA[<a href="https://www.varnish-cache.org/trac/wiki/VCLExampleGrace">How many time varnish will keep cached objects.</a> HINT 60s, 30m, 1h]]></description>