[Bug 238739] www/nginx www/nginx-devel: add support for FreeBSD accept filters
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Fri Jun 21 08:53:57 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238739
Bug ID: 238739
Summary: www/nginx www/nginx-devel: add support for FreeBSD
accept filters
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: Individual Port(s)
Assignee: joneum at FreeBSD.org
Reporter: jdc at koitsu.org
Assignee: joneum at FreeBSD.org
Flags: maintainer-feedback?(joneum at FreeBSD.org)
Created attachment 205253
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=205253&action=edit
nginx.in diff (for both www/nginx and www/nginx-devel)
I noticed that nginx's rc.d script had no support for loading accf_http.ko and
accf_data.ko kernel modules (see accf_http(9) and accf_data(9)) dynamically at
start.
nginx can use these via the "accept_filter=xxx" argument in the "listen"
directive. Reference:
http://nginx.org/en/docs/http/ngx_http_core_module.html#listen
Attached is an svn diff/patch for www/{nginx,nginx-devel}/files/nginx.in that
adds loading of this module when nginx_http_accept_enable="yes" in rc.conf. It
is based on www/apache24/files/apache24.in which has worked for literally
decades.
I did not add the "eval" line supporting this shim via nginx profiles because I
don't use/understand them. But it should be a single line if needed.
Note: testing this was annoying because for whatever reason on stable/11, once
accf_http.ko and accf_data.ko are loaded, they cannot be unloaded (Operation
not permitted, even when kern.securelevel == -1, no processes using the filters
are even running nor any lingering TCP sessions in TIME_WAIT or other states).
Just something to be aware of.
Thanks.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list