aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org>2020-03-21 20:21:05 +0200
committerSergey Poznyakoff <gray@gnu.org>2020-03-21 20:21:05 +0200
commita6d6598a99f654cf25a65e512ce7bf4856fda3b2 (patch)
tree5cd0500e3bf009c294fa0eeb06dfcf9759cfdb46
parent0774e8317694461a0d16ec365d70be08f6554c92 (diff)
downloadvmod-remoteip-a6d6598a99f654cf25a65e512ce7bf4856fda3b2.tar.gz
vmod-remoteip-a6d6598a99f654cf25a65e512ce7bf4856fda3b2.tar.bz2
Version 1.0v1.0
-rw-r--r--.gitignore2
-rw-r--r--NEWS2
-rw-r--r--README123
-rw-r--r--configure.ac6
4 files changed, 97 insertions, 36 deletions
diff --git a/.gitignore b/.gitignore
index c6b48ed..f775eaf 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,12 +18,14 @@ aclocal.m4
autom4te.cache/
build-aux
config.h
config.h.in
config.log
config.status
configure
core
libtool
m4
stamp-h1
tmp/
+README.html
+style1.css
diff --git a/NEWS b/NEWS
index b167c83..85185fc 100644
--- a/NEWS
+++ b/NEWS
@@ -1,18 +1,18 @@
vmod_remoteip -- history of user-visible changes. 2020-03-21
See the end of file for copying conditions.
Please send vmod_remoteip bug reports to <gray@gnu.org>
-Version 0.90 (Git)
+Version 1.0, 2020-03-21
Initial release
=========================================================================
Copyright information:
Copyright (C) 2020 Sergey Poznyakoff
Permission is granted to anyone to make or distribute verbatim copies
of this document as received, in any medium, provided that the
copyright notice and this permission notice are preserved,
thus giving the recipient permission to redistribute in turn.
diff --git a/README b/README
index 30140c4..ca814ba 100644
--- a/README
+++ b/README
@@ -1,95 +1,154 @@
-Vmod_remoteip
-=============
+#+TITLE: vmod_remoteip: Deduce actial client IP address for Varnish Cache
-Overview
---------
+* Overview
-This modules is for Varnish Cache what mod_remoteip is for Apache. It
+This module is for Varnish Cache what =mod_remoteip= is for Apache. It
determines the actual client IP address for the connection, using the
-useragent IP address list presented by a proxies or a load balancer
+useragent IP address list presented by a proxy or load balancer
via the request headers and a preconfigred list of trusted IP
addresses. For example, if your Varnish server works behind a load
balancer or yet another reverse proxy (such as pound or haproxy to
handle the TLS connection), you can use this module to get the real
-incoming connection IP address from the "X-Forwarded-For" header.
+incoming connection IP address from the =X-Forwarded-For= header.
-Example
--------
+* Example
-An example of using this module:
+The following example VCL uses the client address deduced from the
+value of the =X-Forwarded-For= header to enable the code specific for
+hosts from the ACL "allowed":
+#+BEGIN_SRC vcl-script
import std;
import remoteip;
sub vcl_init {
- remoteip.init("192.0.2.1, 127.0.0.0/8");
+ // Register trusted proxy server addresses
+ remoteip.init("192.0.2.1, 127.0.0.1");
}
acl allowed {
- "127.0.0.1";
- ...
+ "203.0.113.1";
+ "192.0.2.10";
}
sub vcl_recv {
set req.http.x-real-ip = remoteip.get(req.http.X-Forwarded-For);
if (std.ip(req.http.x-real-ip) ~ allowed) {
...
}
}
+#+END_SRC
-Installation
-------------
+* Installation
-In order to compile the package you need to have installed
-varnishd and varnishapi package. The module has been tested with
-Varnish version 6.3.1.
+In order to compile the package you need the varnishd and varnishapi
+packages. The module has been tested with Varnish version 6.3.1 and
+higher. Python 3, [[https://sourceforge.net/projects/docutils][Docutils]]
+and [[http://sphinx-doc.org][Sphinx]] are needed to build documentation.
+On Debian-based systems, this requires the =python3-docutils= and
+=python3-sphinx= packages.
-Supposing that condition is met, run:
+If these prerequisites are met, run:
+#+BEGIN_SRC shell-script
./configure
+#+END_SRC
-If your system offers Python versions 2.x and 3.x, it is quite often that
-version 2.x is used by default. In that case, we recommend to explicitly
-require version 3.x, as shown in this example:
+If both Python versions 2.x and 3.x are installed on the system,
+chances are version 2 is used by default. In that case, require
+version 3 explicitly, as shown in this example:
+#+BEGIN_SRC shell-script
./configure PYTHON=python3
+#+END_SRC
Otherwise, the configure script should be able to automatically find
the necessary components. In case it doesn't, tweak the configuration
-variables as necessary. The most important one is PKG_CONFIG_PATH,
-which contains a path (in the UNIX sense) where the .pc files are
-located. It should contain a directory where the 'varnishapi.pc' file
+variables as necessary. The most important one is =PKG_CONFIG_PATH=,
+which contains a path (in the UNIX sense) where the =.pc= files are
+located. It should contain a directory where the =varnishapi.pc= file
lives. Example usage:
+#+BEGIN_SRC shell-script
./configure PKG_CONFIG_PATH=/opt/varnish/lib/pkgconfig:$PKG_CONFIG_PATH
+#+END_SRC
-Please read the file INSTALL for a detailed discussion of available variables
+Please read the file =INSTALL= for a detailed discussion of available variables
and command line options.
Once configured, do
+#+BEGIN_SRC shell-script
make
+#+END_SRC
This will build the module. After this step you can optionally run
-'make test' to test the package.
+=make test= to test the package.
Finally, run the following command as root:
+#+BEGIN_SRC shell-script
make install
+#+END_SRC
-Documentation
--------------
+* Documentation
-The manual page vmod_remoteip(3) will be available after a successful
-install. To read it without actually installing the module, run
-`man src/vmod_remoteip.3'.
+The manual page
+[[http://man.gnu.org.ua/manpage/?3+vmod_remoteip][vmod_remoteip(3)]] will
+be available after a successful install. To read it without actually
+installing the module, run =man src/vmod_remoteip.3= .
An online copy of the documentation is available from
http://ps.gnu.org.ua/software/vmod-remoteip.
+* Downloads
+
+Source tarballs can be downloaded from
+https://download.gnu.org.ua/release/vmod-remoteip.
+
+The git repository is available at
+http://git.gnu.org.ua/cgit/vmod-remoteip.git.
+
+The project home page is
+https://puszcza.gnu.org.ua/projects/vmod-remoteip.
+
+* Copyright
+
+Copyright (C) 2020 Sergey Poznyakoff
+
+Permission is granted to anyone to make or distribute verbatim copies
+of this document as received, in any medium, provided that the
+copyright notice and this permission notice are preserved,
+thus giving the recipient permission to redistribute in turn.
+
+Permission is granted to distribute modified versions
+of this document, or of portions of it,
+under the above conditions, provided also that they
+carry prominent notices stating who last changed them.
+
* Bug reporting
Send bug reports and suggestions to <gray@gnu.org>
+* Document settings :noexport:
+
+Please ignore this section. It supplies the variables necessary for
+proper rendering of this document.
+
+:PROPERTIES:
+:VISIBILITY: folded
+:END:
+
+#+STARTUP: showall
+#+EXCLUDE_TAGS: noexport
+#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="style1.css" />
+#+OPTIONS: ^:nil
+
+# Local Variables:
+# mode: org
+# paragraph-separate: "[ ]*$"
+# version-control: never
+# End:
+
diff --git a/configure.ac b/configure.ac
index 0545796..cc8480a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,30 +1,30 @@
# This file is part of vmod_remoteip.
-# Copyright (C) 2017-2018 Sergey Poznyakoff
+# Copyright (C) 2020 Sergey Poznyakoff
#
# Vmod_remoteip is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3, or (at your option)
# any later version.
#
# Vmod_remoteip is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with vmod_remoteip. If not, see <http://www.gnu.org/licenses/>.
AC_PREREQ(2.69)
-AC_INIT([vmod-remoteip], [0.90], [gray@gnu.org])
+AC_INIT([vmod-remoteip], [1.0], [gray@gnu.org])
AC_CONFIG_AUX_DIR([build-aux])
AC_CONFIG_MACRO_DIR([m4])
AC_CONFIG_SRCDIR(src/vmod_remoteip.vcc)
AM_CONFIG_HEADER(config.h)
AC_SUBST([AC_VMOD_BASENAME],[remoteip])
AC_CANONICAL_SYSTEM
AC_LANG(C)
AM_INIT_AUTOMAKE([1.14 gnu tar-ustar silent-rules])
AM_SILENT_RULES([yes])
@@ -36,25 +36,25 @@ if test "x$ac_cv_prog_cc_c99" = xno; then
fi
AC_PROG_CPP
AC_PROG_INSTALL
AC_PROG_LIBTOOL
AC_PROG_MAKE_SET
# Checks for header files.
AC_HEADER_STDC
# Check for functions
-AM_VARNISHAPI([6.0],[6.3.1])
+AM_VARNISHAPI([6.0],[6.3.2])
AC_DEFINE_UNQUOTED([VARNISHAPI_MAJOR],[$VARNISHAPI_MAJOR],
[Varnish API major version number])
AC_CONFIG_TESTDIR(tests)
AC_CONFIG_FILES([tests/Makefile tests/atlocal])
AM_MISSING_PROG([AUTOM4TE], [autom4te])
AC_CONFIG_FILES([
Makefile
src/Makefile
])
AC_OUTPUT

Return to:

Send suggestions and report system problems to the System administrator.