You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by jp...@apache.org on 2012/10/24 05:45:36 UTC

svn commit: r1401532 - /trafficserver/site/trunk/content/docs/trunk/admin/configuration-files/ip_allow.config.en.mdtext

Author: jpeach
Date: Wed Oct 24 03:45:35 2012
New Revision: 1401532

URL: http://svn.apache.org/viewvc?rev=1401532&view=rev
Log:
TS-1548: Update documentation for ip_allow.config

Patch from Nick Berry <nb...@linkedin.com>.

Modified:
    trafficserver/site/trunk/content/docs/trunk/admin/configuration-files/ip_allow.config.en.mdtext

Modified: trafficserver/site/trunk/content/docs/trunk/admin/configuration-files/ip_allow.config.en.mdtext
URL: http://svn.apache.org/viewvc/trafficserver/site/trunk/content/docs/trunk/admin/configuration-files/ip_allow.config.en.mdtext?rev=1401532&r1=1401531&r2=1401532&view=diff
==============================================================================
--- trafficserver/site/trunk/content/docs/trunk/admin/configuration-files/ip_allow.config.en.mdtext (original)
+++ trafficserver/site/trunk/content/docs/trunk/admin/configuration-files/ip_allow.config.en.mdtext Wed Oct 24 03:45:35 2012
@@ -32,21 +32,27 @@ applies the changes to all other nodes i
 Each line in the `ip_allow.config` file must have the following format:
 
     :::text
-    src_ip=ipaddress action=ip_allow | ip_deny
+    src_ip=<range of IP addresses> action=<action> [method=<list of methods separated by '|'>]
 
-where ipaddress is the IP address or range of IP addresses of the clients
-allowed to access the Traffic Server proxy cache, the action `ip_allow`
-enables the specified clients to access the Traffic Server proxy cache,
-and `ip_deny` denies the specified clients to access the Traffic Server
-proxy cache.
-
-By default, the `ip_allow.config` file contains the following line, which
-allows all clients to access the Traffic Server proxy cache. To restrict
-access, comment out or delete this line before adding rules:
+where src_ip is the IP address or range of IP addresses of the client(s).
+The action `ip_allow` enables the specified client(s) to access the Traffic
+Server proxy cache, and `ip_deny` denies the specified client(s) to access
+the Traffic Server proxy cache.
+Multiple method keywords can be specified (method=GET method=HEAD), or
+multiple methods can be separated by an '|' (method=GET|HEAD).  The method
+keyword is optional and it is defaulted to ALL. Available methods: ALL, GET,
+CONNECT, DELETE, HEAD, ICP_QUERY, OPTIONS, POST, PURGE, PUT, TRACE, PUSH
+
+By default, the `ip_allow.config` file contains the following lines, which
+allows all methods to localhost to access the Traffic Server proxy cache
+and denies PUSH, PURGE and DELETE to all IPs (note this allows all other
+methods to all IPs):
 
     :::text
-    src_ip=0.0.0.0-255.255.255.255 action=ip_allow
-
+    src_ip=127.0.0.1                                  action=ip_allow method=ALL
+    src_ip=::1                                        action=ip_allow method=ALL
+    src_ip=0.0.0.0-255.255.255.255                    action=ip_deny  method=PUSH|PURGE|DELETE
+    src_ip=::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff action=ip_deny  method=PUSH|PURGE|DELETE
 
 # Examples # {#Examples}