diff options
author | Marcello Coutinho <marcellocoutinho@gmail.com> | 2014-11-24 20:43:57 -0200 |
---|---|---|
committer | Marcello Coutinho <marcellocoutinho@gmail.com> | 2014-11-24 20:43:57 -0200 |
commit | 2dc85fc7519fe17550841919a6a1447495561e4c (patch) | |
tree | 256566dd05f3682b5a24de8375ee4101eae97581 /config/varnish3/varnish.inc | |
parent | a0e6733ec5638d12bdef256bdba7b1439cd56bfe (diff) | |
download | pfsense-packages-2dc85fc7519fe17550841919a6a1447495561e4c.tar.gz pfsense-packages-2dc85fc7519fe17550841919a6a1447495561e4c.tar.bz2 pfsense-packages-2dc85fc7519fe17550841919a6a1447495561e4c.zip |
varnish - fixes for pfsense 2.2 and widget improvements
Diffstat (limited to 'config/varnish3/varnish.inc')
-rw-r--r-- | config/varnish3/varnish.inc | 29 |
1 files changed, 22 insertions, 7 deletions
diff --git a/config/varnish3/varnish.inc b/config/varnish3/varnish.inc index 813d61cf..bca02203 100644 --- a/config/varnish3/varnish.inc +++ b/config/varnish3/varnish.inc @@ -34,12 +34,15 @@ /* ========================================================================== */ $shortcut_section = "varnish"; -$pf_version=substr(trim(file_get_contents("/etc/version")),0,3); -if ($pf_version > 2.0) - define('VARNISH_LOCALBASE', '/usr/pbi/varnish-' . php_uname("m")); -else - define('VARNISH_LOCALBASE','/usr/local'); - +$pfs_version = substr(trim(file_get_contents("/etc/version")),0,3); +if (is_dir('/usr/pbi/varnish-' . php_uname("m"))) { + if ($pfs_version == 2.2) + define('VARNISH_LOCALBASE', '/usr/pbi/varnish-' . php_uname("m")."/local"); + else + define('VARNISH_LOCALBASE', '/usr/pbi/varnish-' . php_uname("m")); +} else { + define('VARNISH_LOCALBASE','/usr/local'); +} function varnish_settings_post_validate($post, &$input_errors) { if( !is_numeric($post['storagesize'])) @@ -463,7 +466,18 @@ function sync_package_varnish() { $vcl_recv_set_basic .= "\tset req.http.X-Forwarded-For = req.http.X-Forwarded-For + \",\" + client.ip;\n\n"; break; case 'create': - $vcl_recv_set_basic .= "\tset req.http.X-Forwarded-Varnish = client.ip;\n\n"; + $vcl_acls="acl SslOffloadServers {\n\t\"localhost\";"; + $sslservers= split (" ",$vcl['ssloffload']); + foreach ($sslservers as $sslserver){ + if (preg_match("/(\S+)\/(d+)/",$sslserver,$sslm)) + $vcl_acls.="\n\t\"{$sslm[1]}\"/{$sslm[2]};"; + else + $vcl_acls.="\n\t\"{$sslserver}\";"; + } + $vcl_acls.="}\n"; + $vcl_recv_set_basic .= "\tif (req.http.X-Forwarded-For && client.ip ~ SslOffloadServers){\n\t\t"; + $vcl_recv_set_basic .= "set req.http.X-Forwarded-Varnish = req.http.X-Forwarded-For;\n\t}"; + $vcl_recv_set_basic .= "else{\n\t\tset req.http.X-Forwarded-Varnish = client.ip;\n\n\t}"; break; case 'unset': $vcl_recv_set_basic .= "\tunset req.http.X-Forwarded-For;\n\n"; @@ -578,6 +592,7 @@ sub vcl_error { {$backends} {$vcl_hash} +{$vcl_acls} sub vcl_recv { {$vcl_recv_early} {$vcl_recv_set_basic} |