Additions:
v2.0 style (plus ip + url filter)
.host = "127.0.0.1";
.port = "801";
acl localip {
"192.168.13.10";
if (client.ip ~ localip) {
if (req.url ~ "^/admin") {
error 403 "Hmm...";
}
}
}
V1.x style
Additions:
Deletions:
Additions:
Additions:
error 403 "Access restricted.";
}
Deletions:
error 403 "Access restricted.";
}
Additions:
acl clientnet {
"1.2.3.4";
"2.3.4.5";
# filter access to certain url
if (req.url ~ "^/admin") {
if (!client.ip ~ clientnet) {
error 403 "Access restricted.";
}
Additions:
There are three keywords with vcl file:
pipe: check the next rule
pass: do not cache
lookup: cache
Varnish
Get it from
http://varnish.projects.linpro.no/∞
Install
Just do a source install. If you distribution keeps things up to date, you may be able to get it via yum / aptitute.
Config
For Fedora / Redhat, one can copy the following files:
redhat/varnish.sysconfig -> /etc/sysconfig/varnish
redhat/varnish.initrc -> /etc/init.d/varnish
Create the group & user varnish, then create the cache directory specified in /etc/sysconfig/varnish. Edit the ports specified in that config file, and change the init script to use /usr/local/sbin/varnish. Varnish should start up fine.
Log
Varnish logs with separate process. The init script is available from redhat/varnishlog.initrc. Once started, one can use
varnishlog to examine the log database.
default.vcl
Varnish may require some tweaking for dynamic content. In my test, if the URL doesn't change, the content is not refreshed. My jsp file simple reports the current time including the second, and that does not work very well. I had to tell varnish not to cache jsp files -
backend default {
set backend.host = "127.0.0.1";
set backend.port = "8080";
}
# This prevents varnish from caching *.jsp and *.jspx
sub vcl_recv {
if (req.request == "GET" && req.url ~ "\.(jsp|jspx)$") {
pass;
}
}