VCL: returning early from a custom function
Cosimo Streppone
cosimo at streppone.it
Thu Apr 12 08:27:34 UTC 2018
On Wed, Apr 11, 2018, at 16:43, Anheyer, Tom wrote:
> What about:
>
> sub rate_limit {
>
> if (req.url ~ "pattern1") {
> std.log("pattern1 requests must never be throttled");
> }
> else {
> if (req.url ~ "pattern2") {
> if (vsthrottle.is_denied("pattern2" + client.identity,
> 100, 10s)) {
> std.log("pattern2 throttling for ip " +
> client.identity);
> return(synth(429, "ETOOMANYREQUESTS"));
> }
> }
>
> if (vsthrottle.is_denied("ip:" + client.identity, 500, 10s)) {
> std.log("global throttling for ip " + client.identity);
> return(synth(429, "ETOOMANYREQUESTS"));
> }
> }
>
> }
Yes, that's one of the alternatives, though the "whitelisted" patterns
are more than just one.
I ended up doing something like:
set req.http.Rate-Limit = "1";
if (whitelisted-pattern1) { set req.http.Rate-Limit = "0"; }
if (whitelisted-pattern2) { set req.http.Rate-Limit = "0"; }
...
if (req.http.Rate-Limit == "0") {
# no rate limiting
} else {
# yes, do rate limit
}
I intend to look at vmod_var to see if I can make this prettier.
--
Cosimo
More information about the varnish-misc
mailing list