Posts Tagged ‘ipcast’

rpm packages of vmod-ipcast

Thursday, January 8th, 2015

Still on varnish-3.0? Missing the ability to filter X-Forwarded-For through ACLs? Use vmod ipcast by Lasse Karstensen.

I cleaned up and rolled an rpm package of vmod-ipcast-1.2 for varnish-3.0.6 on el6. It’s available here: http://users.linpro.no/ingvar/varnish/vmod-ipcast/.

Note that the usage has changed a bit since the last version. You are now longer permitted to change client.ip (and that’s probably a good thing). Now it’s called like this, returning an IP address object:

ipcast.ip("string","fallback_ip");

If the string does not resemble an IP address, the fallback ip is returned. Note that if the fallback ip is an unvalid address, varnishd will crash!

So, if you want to filter X-Forwarded-For through an ACL, you would something like this:

import ipcast;
sub vcl_recv {
   # Add some code to sanitize X-Forwarded-For above here, so it resembles one single IP address
   if ( ipcast.ip(req.http.X-Forwarded-For, "198.51.100.255") ~ someacl ) {
     # Do something special
   }
}

And that’s all for today.

Varnish Cache is powerful and feature rich front side web cache. It is also very fast, that is, Fast as in on steroids, and powered by The Dark Side of the Force.

Redpill Linpro is the market leader for professional Open Source and Free Software solutions in the Nordics, though we have customers from all over. For professional managed services, all the way from small web apps, to massive IPv4/IPv6 multi data center media hosting, and everything through container solutions, in-house, cloud, and data center, contact us at redpill-linpro.com.