Bypass Cache for Particular Visitor IP Address

MAGNIEN, Thierry thierry.magnien at sfr.com
Fri Sep 13 09:06:12 CEST 2013 

Hi,

If I'm not misreading :

if (!(client.ip ~ passem)) {
      return (pass);
}

means exactly the opposite of what you need : if NOT (client.ip matches passem) then PASS. Just remove the "!" and it should work ;-)

Regards,
Thierry
 

De : varnish-misc-bounces+thierry.magnien=sfr.com at varnish-cache.org [mailto:varnish-misc-bounces+thierry.magnien=sfr.com at varnish-cache.org] De la part de Stephen Wood
Envoyé : vendredi 13 septembre 2013 08:04
À : iPhrankie
Cc : varnish-misc at varnish-cache.org
Objet : Re: Bypass Cache for Particular Visitor IP Address

How do the logs describe the request? Hit/Miss/Pass? How are you sure that the content is being served out of the cache?

Also, you might want to consider using ipcast to set the client.ip from the x-forwarded-for headers. It's a lot cleaner than using the inline C. We use it to do what you're describing.

On Thu, Sep 12, 2013 at 12:12 PM, iPhrankie <iphrankie at gmail.com> wrote:
Hello Everyone,
We're using Varnish 3.0.3 behind a load balancer. We would like to bypass the Varnish cache for a particular visitor IP address. 
After doing research, I found the following solution. We're using the following in order for the acl to match the "http.x-forwarded-for" string. This code is working and within varnishlog I see "6 VCL_acl c MATCH passem 7x.xxx.xxx.xxx". However, even though it is matching the acl, the cache is still not being bypassed.
I have a feeling it has to do with the "sub vcl_recv" or the "return (pass)". I also tried using "set req.hash_always_miss = true;" instead of "return (pass)", but this also didn't work.
I would really greatly appreciate the help getting this to work. Many thanks.

    C{
    #include <netinet/in.h>
    #include <string.h>
    #include <sys/socket.h>
    #include <arpa/inet.h>
    }C
    acl passem { "7x.xxx.xxx.xxx"; }
    sub vcl_recv {
    C{
    struct sockaddr_storage *client_ip_ss = VRT_r_client_ip(sp);
    struct sockaddr_in *client_ip_si = (struct sockaddr_in *) client_ip_ss;
    struct in_addr *client_ip_ia = &(client_ip_si->sin_addr);
    char *xff_ip = VRT_GetHdr(sp, HDR_REQ, "\020X-Forwarded-For:");
 
    if (xff_ip != NULL) {
    inet_pton(AF_INET, xff_ip, client_ip_ia);
    }
    }C
    if (!(client.ip ~ passem)) {
    return (pass);
            }
    }
 

_______________________________________________
varnish-misc mailing list
varnish-misc at varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc




-- 
Stephen Wood
www.heystephenwood.com

More information about the varnish-misc mailing list