Adds the 'peername' ACL to match against the cache_peer name=X values.
Also, adds peername ACL tests to tcp_outgoing_addr.
NOTE: The ACL only checks against the first of all possible peers selected for
the connection, so on failures the outgoing address may still be incorrect for
the secondary peers.
Thanks for testing to Andrew McMillan <andrew@morphoss.com>
ACLChecklist::ACLChecklist() :
accessList (NULL),
+ dst_peer(NULL),
request (NULL),
reply (NULL),
auth_user_request (NULL),
#include "typedefs.h"
#include "client_side.h"
+#include "structs.h"
class ExternalACLEntry;
IPAddress my_addr;
+ struct peer *dst_peer;
+
HttpRequest *request;
/* for acls that look at reply data */
HttpReply *reply;
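Review bot: `dst_peer` is stored as a bare `struct peer *`, and nothing in this hunk says who keeps the peer alive while the checklist holds it. In this commit the only writer is getOutgoingAddr(), which fills a stack-local checklist, so the pointer is short-lived there. ACLChecklist objects can presumably also be kept around for non-blocking checks, and a peer freed in the meantime (for example on reconfigure) would leave ACLPeerNameStrategy::match() dereferencing a stale pointer. I would state the contract on the member, e.g. `/* not reference-held: only valid for the duration of a synchronous check */`, or take a proper reference if the project's reference mechanism applies to peers. The class body continues outside the hunk.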
#include "ACLStringData.h"
#include "ACLChecklist.h"
-/* explicit template instantiation required for some systems */
-
-template class ACLStrategised<const char *>;
ACL::Prototype ACLMyPortName::RegistryProtoype(&ACLMyPortName::RegistryEntry_, "myportname");
--- /dev/null
+#include "squid.h"
+#include "ACLPeerName.h"
+#include "ACLStringData.h"
+#include "ACLChecklist.h"
+
+ACL::Prototype ACLPeerName::RegistryProtoype(&ACLPeerName::RegistryEntry_, "peername");
+
+ACLStrategised<const char *> ACLPeerName::RegistryEntry_(new ACLStringData, ACLPeerNameStrategy::Instance(), "peername");
+
+int
+ACLPeerNameStrategy::match (ACLData<MatchType> * &data, ACLChecklist *checklist)
+{
+ if (checklist->dst_peer != NULL && checklist->dst_peer->name != NULL)
+ return data->match(checklist->dst_peer->name);
+ return 0;
+}
+
+ACLPeerNameStrategy *
+ACLPeerNameStrategy::Instance()
+{
+ return &Instance_;
+}
+
+ACLPeerNameStrategy ACLPeerNameStrategy::Instance_;
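Review bot: ACLPeerNameStrategy::match() returns 0 whenever `checklist->dst_peer` is NULL, and as far as this diff shows the only place that sets the field is getOutgoingAddr(). A peername ACL used in any other access list would therefore never match, and `!peername` would always match there, which is easy to mistake for a working restriction in a rule set. A comment above match() would make this explicit, e.g. `/* dst_peer is only set for tcp_outgoing_address checks; with no peer this is a non-match, so a negated peername ACL matches */`. The acl documentation in cf.data.pre should carry the same caveat.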
--- /dev/null
+#ifndef SQUID_ACLPEERNAME_H
+#define SQUID_ACLPEERNAME_H
+
+#include "ACLStrategy.h"
+#include "ACLStrategised.h"
+
+class ACLPeerNameStrategy : public ACLStrategy<const char *>
+{
+
+public:
+ virtual int match (ACLData<MatchType> * &, ACLChecklist *);
+ static ACLPeerNameStrategy *Instance();
+ /* Not implemented to prevent copies of the instance. */
+ /* Not private to prevent brain dead g+++ warnings about
+ * private constructors with no friends */
+ ACLPeerNameStrategy(ACLPeerNameStrategy const &);
+
+private:
+ static ACLPeerNameStrategy Instance_;
+ ACLPeerNameStrategy(){}
+
+ ACLPeerNameStrategy&operator=(ACLPeerNameStrategy const &);
+};
+
+class ACLPeerName
+{
+
+private:
+ static ACL::Prototype RegistryProtoype;
+ static ACLStrategised<const char *> RegistryEntry_;
+};
+
+#endif /* SQUID_ACLPEERNAME_H */
#include "ACLDomainData.h"
/*
- * moved template instantiation into ACLStrategized.cc from
- * ACLHTTPRepHeader.cc and ACLHTTPReqHeader.cc to compile on
- * Mac OSX 10.5 Leopard, this corrects a duplicate symbol error
+ * moved template instantiation into ACLStrategized.cc
+ * to compile on Mac OSX 10.5 Leopard.
+ * This corrects a duplicate symbol error
*/
/* explicit template instantiation required for some systems */
+/* ACLHTTPRepHeader + ACLHTTPReqHeader */
template class ACLStrategised<HttpHeader*>;
+
+/* ACLMyPortName + ACLMyPeerName */
+template class ACLStrategised<const char *>;
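Review bot: The new comment `/* ACLMyPortName + ACLMyPeerName */` names a class this commit does not add; the new user of `ACLStrategised<const char *>` is ACLPeerName. Since this comment is the only record of which ACL types depend on the instantiation living here, it should read `/* ACLMyPortName + ACLPeerName */`.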
ACLMyPort.h \
ACLMyPortName.cc \
ACLMyPortName.h \
+ ACLPeerName.cc \
+ ACLPeerName.h \
ACLProtocol.cc \
ACLProtocol.h \
ACLProtocolData.cc \
# cache_peer_access mycache.mydomain.net allow asexample
# cache_peer_access mycache_mydomain.net deny all
+ acl aclname peername myPeer ...
+ # match against a named cache_peer entry
+ # set unique name= on cache_peer lines for reliable use.
+
acl aclname time [day-abbrevs] [h1:m1-h2:m2]
# day-abbrevs:
# S - Sunday
tcp_outgoing_address 2002::1 to_ipv6
tcp_outgoing_address 10.1.0.3 !to_ipv6
+
+ WARNING:
+ 'dst ipv6' bases its selection assuming DIRECT access.
+ If peers are used the peername ACL are needed to select outgoing
+ address which can link to the peer.
+
DOC_END
COMMENT_START
use 'name=xxx' if you have multiple peers on the same
host but different ports. This name can be used to
differentiate the peers in cache_peer_access and similar
- directives.
+ directives. Including the peername ACL type.
use 'forceddomain=name' to forcibly set the Host header
of requests forwarded to this peer. Useful in accelerator
#endif
- outgoing = getOutgoingAddr(request);
+ outgoing = getOutgoingAddr(request, fs->_peer);
tos = getOutgoingTOS(request);
}
IPAddress
-getOutgoingAddr(HttpRequest * request)
+getOutgoingAddr(HttpRequest * request, struct peer *dst_peer)
{
ACLChecklist ch;
if (request && request->flags.spoof_client_ip)
return request->client_addr;
+ ch.dst_peer = dst_peer;
+
if (request) {
ch.src_addr = request->client_addr;
ch.my_addr = request->my_addr;
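Review bot: getOutgoingAddr() does not say what a NULL `dst_peer` means, yet the tunnel.cc call site in this commit passes `getOutgoingAddr(request,NULL)`. Tunnelled requests therefore appear to be evaluated as if no peer were involved, so a tcp_outgoing_address rule written with peername would not select the address for them. The new cf.data.pre WARNING tells administrators to rely on exactly that ACL. If the peer is simply not known yet at that point, document it on the function, e.g. `/* dst_peer may be NULL when the peer is not known; peername ACLs then do not match */`, and mention the tunnel limitation next to the WARNING. The function body continues outside the hunk.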
if (squid_curtime - p->stats.last_connect_probe == 0)
return ret;/* don't probe to often */
- IPAddress temp(getOutgoingAddr(NULL));
+ IPAddress temp(getOutgoingAddr(NULL,p));
fd = comm_open(SOCK_STREAM, IPPROTO_TCP, temp, COMM_NONBLOCKING, p->host);
SQUIDCEXTERN void peerDigestNotePeerGone(PeerDigest * pd);
SQUIDCEXTERN void peerDigestStatsReport(const PeerDigest * pd, StoreEntry * e);
-extern IPAddress getOutgoingAddr(HttpRequest * request);
+extern IPAddress getOutgoingAddr(HttpRequest * request, struct peer *dst_peer);
unsigned long getOutgoingTOS(HttpRequest * request);
SQUIDCEXTERN void urnStart(HttpRequest *, StoreEntry *);
statCounter.server.all.requests++;
statCounter.server.other.requests++;
/* Create socket. */
- IPAddress temp = getOutgoingAddr(request);
+ IPAddress temp = getOutgoingAddr(request,NULL);
sock = comm_openex(SOCK_STREAM,
IPPROTO_TCP,
temp,