Date: Sun, 18 Jan 2004 01:37:30 +0100 (CET) From: Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl> To: FreeBSD-gnats-submit@FreeBSD.org Subject: misc/61504: [patch] New RC script: accf_http Message-ID: <200401180037.i0I0bUl5027706@stud187236.mobiel.utwente.nl> Resent-Message-ID: <200401180040.i0I0e9aZ059601@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 61504 >Category: misc >Synopsis: [patch] New RC script: accf_http >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sat Jan 17 16:40:09 PST 2004 >Closed-Date: >Last-Modified: >Originator: Roderick van Domburg >Release: FreeBSD 5.2-CURRENT sparc64 >Organization: University of Twente >Environment: System: FreeBSD stud187236.mobiel.utwente.nl 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Sun Jan 11 14:03:52 CET 2004 roderick@magog.student.utwente.nl:/usr/obj/usr/src/sys/MAGOG sparc64 >Description: This addition to the RC ring of scripts allows control of accf_http(9), the HTTP accept filter. While this filter is generally used as a module, there were no facilities to load it automatically. >How-To-Repeat: >Fix: Attached are the RC script itself, an update to the default rc.conf and an update to the rc.conf(5) man page. --- accf_http begins here --- #!/bin/sh # PROVIDE: accf_http # KEYWORD: FreeBSD . /etc/rc.subr name="accf_http" rcvar="accf_http_enable" start_cmd="accf_http_start" stop_cmd="accf_http_stop" extra_commands="unload" unload_cmd="accf_http_unload" accf_http_start() { if ! ${SYSCTL} net.inet.accf.http.parsehttpversion > /dev/null 2>&1; then if ! kldload accf_http; then warn unable to load HTTP accept filter. return 1 else echo "HTTP accept filter enabled" return 0 fi else # already started return 0 fi } accf_http_stop() { unloadable=`"${SYSCTL}" -n net.inet.accf.unloadable` if [ ${unloadable} = "1" ]; then if kldunload accf_http > /dev/null 2>&1; then echo "HTTP accept filter unloaded" return 0 else warn unable to unload HTTP accept filter. return 1 fi else warn HTTP accept filter currently not made unloadable. warn Execute with 'unload' to unload anyway \(not warn recommended\). return 1 fi } accf_http_unload() { ${SYSCTL} net.inet.accf.unloadable=1 accf_http_stop } load_rc_config $name run_rc_command "$1" --- accf_http ends here --- --- rc.conf.5.patch begins here --- --- /usr/src/share/man/man5/rc.conf.5.old Sun Jan 18 01:23:22 2004 +++ /usr/src/share/man/man5/rc.conf.5 Sun Jan 18 01:30:44 2004 @@ -254,6 +254,12 @@ The NIS domain name of this host, or .Dq Li NO if NIS is not used. +.It Va accf_http_enable +.Pq Vt bool +Set to +.Dq Li YES +to enable the HTTP accept filter. +Webservers that support this feature can use it to reduce system load. .It Va dhclient_program .Pq Vt str Path to the DHCP client program --- rc.conf.5.patch ends here --- --- rc.conf.patch begins here --- --- /etc/defaults/rc.conf.old Sun Jan 18 01:20:43 2004 +++ /etc/defaults/rc.conf Sun Jan 18 01:22:08 2004 @@ -60,6 +60,7 @@ ### Basic network and firewall/security options: ### hostname="" # Set this! nisdomainname="NO" # Set to NIS domain if using NIS (or NO). +accf_http_enable="NO" # Set to YES to enable the HTTP accept filter dhclient_program="/sbin/dhclient" # Path to dhcp client program. dhclient_flags="" # Additional flags to pass to dhcp client. background_dhclient="NO" # Start dhcp client in the background. --- rc.conf.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200401180037.i0I0bUl5027706>