Bypass Cache for Particular Visitor IP Address

iPhrankie iphrankie at gmail.com
Tue Sep 24 03:13:37 CEST 2013


Thierry, thank you! This was indeed the problem! Everything is working
correctly now.


On Fri, Sep 13, 2013 at 12:06 AM, MAGNIEN, Thierry
<thierry.magnien at sfr.com>wrote:

> Hi,
>
> If I'm not misreading :
>
> if (!(client.ip ~ passem)) {
>       return (pass);
> }
>
> means exactly the opposite of what you need : if NOT (client.ip matches
> passem) then PASS. Just remove the "!" and it should work ;-)
>
> Regards,
> Thierry
>
>
> De : varnish-misc-bounces+thierry.magnien=sfr.com at varnish-cache.org[mailto:
> varnish-misc-bounces+thierry.magnien=sfr.com at varnish-cache.org] De la
> part de Stephen Wood
> Envoyé : vendredi 13 septembre 2013 08:04
> À : iPhrankie
> Cc : varnish-misc at varnish-cache.org
> Objet : Re: Bypass Cache for Particular Visitor IP Address
>
> How do the logs describe the request? Hit/Miss/Pass? How are you sure that
> the content is being served out of the cache?
>
> Also, you might want to consider using ipcast to set the client.ip from
> the x-forwarded-for headers. It's a lot cleaner than using the inline C. We
> use it to do what you're describing.
>
> On Thu, Sep 12, 2013 at 12:12 PM, iPhrankie <iphrankie at gmail.com> wrote:
> Hello Everyone,
> We're using Varnish 3.0.3 behind a load balancer. We would like to bypass
> the Varnish cache for a particular visitor IP address.
> After doing research, I found the following solution. We're using the
> following in order for the acl to match the "http.x-forwarded-for" string.
> This code is working and within varnishlog I see "6 VCL_acl c MATCH passem
> 7x.xxx.xxx.xxx". However, even though it is matching the acl, the cache is
> still not being bypassed.
> I have a feeling it has to do with the "sub vcl_recv" or the "return
> (pass)". I also tried using "set req.hash_always_miss = true;" instead of
> "return (pass)", but this also didn't work.
> I would really greatly appreciate the help getting this to work. Many
> thanks.
>
>     C{
>     #include <netinet/in.h>
>     #include <string.h>
>     #include <sys/socket.h>
>     #include <arpa/inet.h>
>     }C
>     acl passem { "7x.xxx.xxx.xxx"; }
>     sub vcl_recv {
>     C{
>     struct sockaddr_storage *client_ip_ss = VRT_r_client_ip(sp);
>     struct sockaddr_in *client_ip_si = (struct sockaddr_in *) client_ip_ss;
>     struct in_addr *client_ip_ia = &(client_ip_si->sin_addr);
>     char *xff_ip = VRT_GetHdr(sp, HDR_REQ, "\020X-Forwarded-For:");
>
>     if (xff_ip != NULL) {
>     inet_pton(AF_INET, xff_ip, client_ip_ia);
>     }
>     }C
>     if (!(client.ip ~ passem)) {
>     return (pass);
>             }
>     }
>
>
> _______________________________________________
> varnish-misc mailing list
> varnish-misc at varnish-cache.org
> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>
>
>
>
> --
> Stephen Wood
> www.heystephenwood.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20130923/7b901992/attachment.html>


More information about the varnish-misc mailing list