From owner-freebsd-bugs@FreeBSD.ORG Sat Jan 17 16:40:14 2004 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 97F1C16A4CE for ; Sat, 17 Jan 2004 16:40:14 -0800 (PST) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9945843D4C for ; Sat, 17 Jan 2004 16:40:09 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) i0I0e9FR059602 for ; Sat, 17 Jan 2004 16:40:09 -0800 (PST) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.10/8.12.10/Submit) id i0I0e9aZ059601; Sat, 17 Jan 2004 16:40:09 -0800 (PST) (envelope-from gnats) Resent-Date: Sat, 17 Jan 2004 16:40:09 -0800 (PST) Resent-Message-Id: <200401180040.i0I0e9aZ059601@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Roderick van Domburg Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DABA516A4CE for ; Sat, 17 Jan 2004 16:38:24 -0800 (PST) Received: from netlx050.vf.utwente.nl (netlx050.vf.utwente.nl [192.87.17.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id 95EA843D1D for ; Sat, 17 Jan 2004 16:38:22 -0800 (PST) (envelope-from roderick@stud187236.mobiel.utwente.nl) Received: from stud187236.mobiel.utwente.nl (stud187236.mobiel.utwente.nl [130.89.187.236])i0I0c9f26038 for ; Sun, 18 Jan 2004 01:38:10 +0100 Received: from stud187236.mobiel.utwente.nl (localhost [127.0.0.1]) i0I0bU8V027715 for ; Sun, 18 Jan 2004 01:37:30 +0100 (CET) (envelope-from roderick@stud187236.mobiel.utwente.nl) Received: (from root@localhost)i0I0bUl5027706; Sun, 18 Jan 2004 01:37:30 +0100 (CET) (envelope-from roderick) Message-Id: <200401180037.i0I0bUl5027706@stud187236.mobiel.utwente.nl> Date: Sun, 18 Jan 2004 01:37:30 +0100 (CET) From: Roderick van Domburg To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: misc/61504: [patch] New RC script: accf_http X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jan 2004 00:40:14 -0000 >Number: 61504 >Category: misc >Synopsis: [patch] New RC script: accf_http >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sat Jan 17 16:40:09 PST 2004 >Closed-Date: >Last-Modified: >Originator: Roderick van Domburg >Release: FreeBSD 5.2-CURRENT sparc64 >Organization: University of Twente >Environment: System: FreeBSD stud187236.mobiel.utwente.nl 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Sun Jan 11 14:03:52 CET 2004 roderick@magog.student.utwente.nl:/usr/obj/usr/src/sys/MAGOG sparc64 >Description: This addition to the RC ring of scripts allows control of accf_http(9), the HTTP accept filter. While this filter is generally used as a module, there were no facilities to load it automatically. >How-To-Repeat: >Fix: Attached are the RC script itself, an update to the default rc.conf and an update to the rc.conf(5) man page. --- accf_http begins here --- #!/bin/sh # PROVIDE: accf_http # KEYWORD: FreeBSD . /etc/rc.subr name="accf_http" rcvar="accf_http_enable" start_cmd="accf_http_start" stop_cmd="accf_http_stop" extra_commands="unload" unload_cmd="accf_http_unload" accf_http_start() { if ! ${SYSCTL} net.inet.accf.http.parsehttpversion > /dev/null 2>&1; then if ! kldload accf_http; then warn unable to load HTTP accept filter. return 1 else echo "HTTP accept filter enabled" return 0 fi else # already started return 0 fi } accf_http_stop() { unloadable=`"${SYSCTL}" -n net.inet.accf.unloadable` if [ ${unloadable} = "1" ]; then if kldunload accf_http > /dev/null 2>&1; then echo "HTTP accept filter unloaded" return 0 else warn unable to unload HTTP accept filter. return 1 fi else warn HTTP accept filter currently not made unloadable. warn Execute with 'unload' to unload anyway \(not warn recommended\). return 1 fi } accf_http_unload() { ${SYSCTL} net.inet.accf.unloadable=1 accf_http_stop } load_rc_config $name run_rc_command "$1" --- accf_http ends here --- --- rc.conf.5.patch begins here --- --- /usr/src/share/man/man5/rc.conf.5.old Sun Jan 18 01:23:22 2004 +++ /usr/src/share/man/man5/rc.conf.5 Sun Jan 18 01:30:44 2004 @@ -254,6 +254,12 @@ The NIS domain name of this host, or .Dq Li NO if NIS is not used. +.It Va accf_http_enable +.Pq Vt bool +Set to +.Dq Li YES +to enable the HTTP accept filter. +Webservers that support this feature can use it to reduce system load. .It Va dhclient_program .Pq Vt str Path to the DHCP client program --- rc.conf.5.patch ends here --- --- rc.conf.patch begins here --- --- /etc/defaults/rc.conf.old Sun Jan 18 01:20:43 2004 +++ /etc/defaults/rc.conf Sun Jan 18 01:22:08 2004 @@ -60,6 +60,7 @@ ### Basic network and firewall/security options: ### hostname="" # Set this! nisdomainname="NO" # Set to NIS domain if using NIS (or NO). +accf_http_enable="NO" # Set to YES to enable the HTTP accept filter dhclient_program="/sbin/dhclient" # Path to dhcp client program. dhclient_flags="" # Additional flags to pass to dhcp client. background_dhclient="NO" # Start dhcp client in the background. --- rc.conf.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted: