misc/61504: [patch] New RC script: accf_http

Roderick van Domburg r.s.a.vandomburg at student.utwente.nl
Sat Jan 17 16:40:14 PST 2004 

>Number:         61504
>Category:       misc
>Synopsis:       [patch] New RC script: accf_http
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jan 17 16:40:09 PST 2004
>Closed-Date:
>Last-Modified:
>Originator:     Roderick van Domburg
>Release:        FreeBSD 5.2-CURRENT sparc64
>Organization:
University of Twente 
>Environment:
System: FreeBSD stud187236.mobiel.utwente.nl 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Sun Jan 11 14:03:52 CET 2004 roderick at magog.student.utwente.nl:/usr/obj/usr/src/sys/MAGOG sparc64


	
>Description:
This addition to the RC ring of scripts allows control of accf_http(9),
the HTTP accept filter. While this filter is generally used as a module,
there were no facilities to load it automatically.
	
>How-To-Repeat:
	
>Fix:
Attached are the RC script itself, an update to the default rc.conf and an
update to the rc.conf(5) man page.

	

--- accf_http begins here ---
#!/bin/sh

# PROVIDE: accf_http
# KEYWORD: FreeBSD

. /etc/rc.subr

name="accf_http"
rcvar="accf_http_enable"
start_cmd="accf_http_start"
stop_cmd="accf_http_stop"
extra_commands="unload"
unload_cmd="accf_http_unload"

accf_http_start()
{
	if ! ${SYSCTL} net.inet.accf.http.parsehttpversion > /dev/null 2>&1; then
		if ! kldload accf_http; then
			warn unable to load HTTP accept filter.
			return 1
		else
			echo "HTTP accept filter enabled"
			return 0
		fi
	else
		# already started
		return 0
	fi
}

accf_http_stop()
{
	unloadable=`"${SYSCTL}" -n net.inet.accf.unloadable`
	if [ ${unloadable} = "1" ]; then
		if kldunload accf_http > /dev/null 2>&1; then
			echo "HTTP accept filter unloaded"
			return 0
		else
			warn unable to unload HTTP accept filter.
			return 1
		fi
	else
		warn HTTP accept filter currently not made unloadable.
		warn Execute with 'unload' to unload anyway \(not
		warn recommended\). 
		return 1
	fi
}

accf_http_unload()
{
	${SYSCTL} net.inet.accf.unloadable=1
	accf_http_stop
}

load_rc_config $name
run_rc_command "$1"
--- accf_http ends here ---

--- rc.conf.5.patch begins here ---
--- /usr/src/share/man/man5/rc.conf.5.old	Sun Jan 18 01:23:22 2004
+++ /usr/src/share/man/man5/rc.conf.5	Sun Jan 18 01:30:44 2004
@@ -254,6 +254,12 @@
 The NIS domain name of this host, or
 .Dq Li NO
 if NIS is not used.
+.It Va accf_http_enable
+.Pq Vt bool
+Set to
+.Dq Li YES
+to enable the HTTP accept filter.
+Webservers that support this feature can use it to reduce system load.
 .It Va dhclient_program
 .Pq Vt str
 Path to the DHCP client program
--- rc.conf.5.patch ends here ---

--- rc.conf.patch begins here ---
--- /etc/defaults/rc.conf.old	Sun Jan 18 01:20:43 2004
+++ /etc/defaults/rc.conf	Sun Jan 18 01:22:08 2004
@@ -60,6 +60,7 @@
 ### Basic network and firewall/security options: ###
 hostname=""			# Set this!
 nisdomainname="NO"		# Set to NIS domain if using NIS (or NO).
+accf_http_enable="NO"		# Set to YES to enable the HTTP accept filter
 dhclient_program="/sbin/dhclient"	# Path to dhcp client program.
 dhclient_flags=""		# Additional flags to pass to dhcp client.
 background_dhclient="NO"	# Start dhcp client in the background.
--- rc.conf.patch ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list