From roderick@stud187236.mobiel.utwente.nl  Sat Jan 17 16:38:25 2004
Return-Path: <roderick@stud187236.mobiel.utwente.nl>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id DABA516A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 17 Jan 2004 16:38:24 -0800 (PST)
Received: from netlx050.vf.utwente.nl (netlx050.vf.utwente.nl [192.87.17.19])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 95EA843D1D
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 17 Jan 2004 16:38:22 -0800 (PST)
	(envelope-from roderick@stud187236.mobiel.utwente.nl)
Received: from stud187236.mobiel.utwente.nl (stud187236.mobiel.utwente.nl [130.89.187.236])
          by netlx050.vf.utwente.nl (8.11.7/HKD) with ESMTP id i0I0c9f26038
          for <FreeBSD-gnats-submit@freebsd.org>; Sun, 18 Jan 2004 01:38:10 +0100
Received: from stud187236.mobiel.utwente.nl (localhost [127.0.0.1])
	by stud187236.mobiel.utwente.nl (8.12.10/8.12.10) with ESMTP id i0I0bU8V027715
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 18 Jan 2004 01:37:30 +0100 (CET)
	(envelope-from roderick@stud187236.mobiel.utwente.nl)
Received: (from root@localhost)
	by stud187236.mobiel.utwente.nl (8.12.10/8.12.10/Submit) id i0I0bUl5027706;
	Sun, 18 Jan 2004 01:37:30 +0100 (CET)
	(envelope-from roderick)
Message-Id: <200401180037.i0I0bUl5027706@stud187236.mobiel.utwente.nl>
Date: Sun, 18 Jan 2004 01:37:30 +0100 (CET)
From: Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [patch] New RC script: accf_http
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         61504
>Category:       conf
>Synopsis:       [patch] New RC script: accf_http
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    dougb
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jan 17 16:40:09 PST 2004
>Closed-Date:    Thu May 18 05:15:41 GMT 2006
>Last-Modified:  Thu May 18 05:15:41 GMT 2006
>Originator:     Roderick van Domburg
>Release:        FreeBSD 5.2-CURRENT sparc64
>Organization:
University of Twente 
>Environment:
System: FreeBSD stud187236.mobiel.utwente.nl 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Sun Jan 11 14:03:52 CET 2004 roderick@magog.student.utwente.nl:/usr/obj/usr/src/sys/MAGOG sparc64


	
>Description:
This addition to the RC ring of scripts allows control of accf_http(9),
the HTTP accept filter. While this filter is generally used as a module,
there were no facilities to load it automatically.
	
>How-To-Repeat:
	
>Fix:
Attached are the RC script itself, an update to the default rc.conf and an
update to the rc.conf(5) man page.

	

--- accf_http begins here ---
#!/bin/sh

# PROVIDE: accf_http
# KEYWORD: FreeBSD

. /etc/rc.subr

name="accf_http"
rcvar="accf_http_enable"
start_cmd="accf_http_start"
stop_cmd="accf_http_stop"
extra_commands="unload"
unload_cmd="accf_http_unload"

accf_http_start()
{
	if ! ${SYSCTL} net.inet.accf.http.parsehttpversion > /dev/null 2>&1; then
		if ! kldload accf_http; then
			warn unable to load HTTP accept filter.
			return 1
		else
			echo "HTTP accept filter enabled"
			return 0
		fi
	else
		# already started
		return 0
	fi
}

accf_http_stop()
{
	unloadable=`"${SYSCTL}" -n net.inet.accf.unloadable`
	if [ ${unloadable} = "1" ]; then
		if kldunload accf_http > /dev/null 2>&1; then
			echo "HTTP accept filter unloaded"
			return 0
		else
			warn unable to unload HTTP accept filter.
			return 1
		fi
	else
		warn HTTP accept filter currently not made unloadable.
		warn Execute with 'unload' to unload anyway \(not
		warn recommended\). 
		return 1
	fi
}

accf_http_unload()
{
	${SYSCTL} net.inet.accf.unloadable=1
	accf_http_stop
}

load_rc_config $name
run_rc_command "$1"
--- accf_http ends here ---

--- rc.conf.5.patch begins here ---
--- /usr/src/share/man/man5/rc.conf.5.old	Sun Jan 18 01:23:22 2004
+++ /usr/src/share/man/man5/rc.conf.5	Sun Jan 18 01:30:44 2004
@@ -254,6 +254,12 @@
 The NIS domain name of this host, or
 .Dq Li NO
 if NIS is not used.
+.It Va accf_http_enable
+.Pq Vt bool
+Set to
+.Dq Li YES
+to enable the HTTP accept filter.
+Webservers that support this feature can use it to reduce system load.
 .It Va dhclient_program
 .Pq Vt str
 Path to the DHCP client program
--- rc.conf.5.patch ends here ---

--- rc.conf.patch begins here ---
--- /etc/defaults/rc.conf.old	Sun Jan 18 01:20:43 2004
+++ /etc/defaults/rc.conf	Sun Jan 18 01:22:08 2004
@@ -60,6 +60,7 @@
 ### Basic network and firewall/security options: ###
 hostname=""			# Set this!
 nisdomainname="NO"		# Set to NIS domain if using NIS (or NO).
+accf_http_enable="NO"		# Set to YES to enable the HTTP accept filter
 dhclient_program="/sbin/dhclient"	# Path to dhcp client program.
 dhclient_flags=""		# Additional flags to pass to dhcp client.
 background_dhclient="NO"	# Start dhcp client in the background.
--- rc.conf.patch ends here ---


>Release-Note:
>Audit-Trail:

From: "Roderick van Domburg" <r.s.a.vandomburg@student.utwente.nl>
To: <freebsd-gnats-submit@FreeBSD.org>,
	<r.s.a.vandomburg@student.utwente.nl>
Cc:  
Subject: Re: misc/61504: [patch] New RC script: accf_http
Date: Sun, 18 Jan 2004 02:09:35 +0100

 One minor addition should be made to /etc/rc.d/accf_http:
 
 # BEFORE: localpkg
 
Responsible-Changed-From-To: freebsd-bugs->mtm 
Responsible-Changed-By: ceri 
Responsible-Changed-When: Sun Jan 18 08:30:04 PST 2004 
Responsible-Changed-Why:  
Assign to Mr RC Ng. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=61504 

From: Mike Makonnen <mtm@identd.net>
To: bug-followup@freebsd.org
Cc:  
Subject: Re: misc/61504 [patch] New RC script: accf_http
Date: Thu, 19 Feb 2004 10:55:10 +0300

 I'm not sure if this belongs in the base system. Granted, we don't
 have a clear policy on what criteria a module needs to satisfy
 before it gets an rc.d script, but I'm not sure this would be
 of use to a large section of FreeBSD users.
 
 Cheers.
 -- 
 Mike Makonnen  | GPG-KEY: http://www.identd.net/~mtm/mtm.asc
 mtm@identd.net | Fingerprint: AC7B 5672 2D11 F4D0 EBF8  5279 5359 2B82 7CD4 1F55
 mtm@FreeBSD.Org| FreeBSD - Unleash the Daemon !

From: "Roderick van Domburg" <r.s.a.vandomburg@student.utwente.nl>
To: <freebsd-gnats-submit@FreeBSD.org>
Cc:  
Subject: Re: misc/61504: [patch] New RC script: accf_http
Date: Sat, 21 Feb 2004 00:12:57 +0100

 Perhaps it would be a good idea to write up such criteria. There are quite a
 number of rcNG scripts that aren't of any use to the average FreeBSD user.
 Perhaps NetBSD already has a guideline or two?
 
State-Changed-From-To: open->feedback 
State-Changed-By: dougb 
State-Changed-When: Wed Feb 22 02:01:40 UTC 2006 
State-Changed-Why:  

Is this something you still feel belongs in the base, 
or could it be better handled as a port? 


Responsible-Changed-From-To: mtm->dougb 
Responsible-Changed-By: dougb 
Responsible-Changed-When: Wed Feb 22 02:01:40 UTC 2006 
Responsible-Changed-Why:  

Since Mike has been MIA for a while, I will handle the feedback. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=61504 
State-Changed-From-To: feedback->closed 
State-Changed-By: dougb 
State-Changed-When: Thu May 18 05:14:57 UTC 2006 
State-Changed-Why:  

Feedback timeout. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=61504 
>Unformatted:
