Repository: trafficserver Updated Branches: refs/heads/5.0.x 61b12a323 -> 2bf6ef38f
Update docs for ip_allow and remap.config to reflect changes to allow artibtrary methods Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/82c14a99 Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/82c14a99 Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/82c14a99 Branch: refs/heads/5.0.x Commit: 82c14a99bc243ea2cb70baf882a19206365fb744 Parents: 61b12a3 Author: Thomas Jackson <[email protected]> Authored: Fri May 30 15:25:43 2014 -0700 Committer: Thomas Jackson <[email protected]> Committed: Fri May 30 15:25:43 2014 -0700 ---------------------------------------------------------------------- .../configuration/ip_allow.config.en.rst | 13 +++++++----- doc/reference/configuration/remap.config.en.rst | 21 ++++++++++++++++++++ 2 files changed, 29 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/82c14a99/doc/reference/configuration/ip_allow.config.en.rst ---------------------------------------------------------------------- diff --git a/doc/reference/configuration/ip_allow.config.en.rst b/doc/reference/configuration/ip_allow.config.en.rst index 49812a1..857e3e6 100644 --- a/doc/reference/configuration/ip_allow.config.en.rst +++ b/doc/reference/configuration/ip_allow.config.en.rst @@ -5,9 +5,9 @@ to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at - + http://www.apache.org/licenses/LICENSE-2.0 - + Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY @@ -43,9 +43,12 @@ access the Traffic Server proxy cache, and ``ip_deny`` denies the specified client(s) to access the Traffic Server proxy cache. Multiple method keywords can be specified (method=GET method=HEAD), or multiple methods can be separated by an '\|' (method=GET\|HEAD). The method -keyword is optional and it is defaulted to ALL. Available methods: ALL, -GET, CONNECT, DELETE, HEAD, ICP_QUERY, OPTIONS, POST, PURGE, PUT, -TRACE, PUSH +keyword is optional and it is defaulted to ALL. This supports ANY string +as the HTTP method, meaning no validation is done to check wether it +is a valid HTTP method. This allows you to create filters for any method +that your origin may require, this is especially useful if you use newer +methods that aren't know to trafficserver (such as PROPFIND) or if your +origin uses an http-ish protocol. By default, the :file:`ip_allow.config` file contains the following lines, which allows all methods to localhost to access the Traffic Server proxy http://git-wip-us.apache.org/repos/asf/trafficserver/blob/82c14a99/doc/reference/configuration/remap.config.en.rst ---------------------------------------------------------------------- diff --git a/doc/reference/configuration/remap.config.en.rst b/doc/reference/configuration/remap.config.en.rst index fd430a8..e888fb4 100644 --- a/doc/reference/configuration/remap.config.en.rst +++ b/doc/reference/configuration/remap.config.en.rst @@ -375,6 +375,27 @@ This will pass "1" and "2" to plugin1.so and "3" to plugin2.so .. _remap-config-named-filters: +Acl Filters +=========== + +Acl filters can be created to control access of specific remap lines. The markup +is very similar to that of :file:`ip_allow.config`, with slight changes to +accomodate remap markup + +Examples +-------- + +:: + map http://foo.example.com/neverpost http://foo.example.com/neverpost @action=deny @method=post + map http://foo.example.com/onlypost http://foo.example.com/onlypost @action=allow @method=post + + map http://foo.example.com/ http://foo.example.com/ @action=deny @src_ip=1.2.3.4 + map http://foo.example.com/ http://foo.example.com/ @action=allow @src_ip=127.0.0.1 + + map http://foo.example.com/ http://foo.example.com/ @action=allow @src_ip=127.0.0.1 @method=post @method=get @method=head + +Note that these Acl filters will return a 403 response if the resource is restricted. + Named Filters =============
