+/* *************************************************************************
+ * connection-sharing (0|1)
+ * *************************************************************************/
+#ifdef FEATURE_CONNECTION_SHARING
+ case hash_connection_sharing :
+ if (parse_toggle_state(cmd, arg) == 1)
+ {
+ config->feature_flags |= RUNTIME_FEATURE_CONNECTION_SHARING;
+ }
+ else
+ {
+ config->feature_flags &= ~RUNTIME_FEATURE_CONNECTION_SHARING;
+ }
+ break;
+#endif
+
+/* *************************************************************************
+ * debug n
+ * Specifies debug level, multiple values are ORed together.
+ * *************************************************************************/
+ case hash_debug :
+ config->debug |= atoi(arg);
+ break;
+
+/* *************************************************************************
+ * default-server-timeout timeout
+ * *************************************************************************/
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+ case hash_default_server_timeout :
+ if (*arg != '\0')
+ {
+ int timeout = atoi(arg);
+ if (0 <= timeout)
+ {
+ config->default_server_timeout = (unsigned int)timeout;
+ }
+ else
+ {
+ log_error(LOG_LEVEL_FATAL,
+ "Invalid default-server-timeout value: %s", arg);
+ }
+ }
+ break;
+#endif
+
+/* *************************************************************************
+ * deny-access source-ip[/significant-bits] [dest-ip[/significant-bits]]
+ * *************************************************************************/
+#ifdef FEATURE_ACL
+ case hash_deny_access:
+ strlcpy(tmp, arg, sizeof(tmp));
+ vec_count = ssplit(tmp, " \t", vec, SZ(vec));
+
+ if ((vec_count != 1) && (vec_count != 2))
+ {
+ log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for "
+ "deny-access directive in configuration file.");
+ string_append(&config->proxy_args,
+ "<br>\nWARNING: Wrong number of parameters for "
+ "deny-access directive in configuration file.<br><br>\n");
+ break;
+ }
+
+ /* allocate a new node */
+ cur_acl = (struct access_control_list *) zalloc(sizeof(*cur_acl));
+
+ if (cur_acl == NULL)
+ {
+ log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration");
+ /* Never get here - LOG_LEVEL_FATAL causes program exit */
+ break;
+ }
+ cur_acl->action = ACL_DENY;
+
+ if (acl_addr(vec[0], cur_acl->src) < 0)
+ {
+ log_error(LOG_LEVEL_ERROR, "Invalid source address, port or netmask "
+ "for deny-access directive in configuration file: \"%s\"", vec[0]);
+ string_append(&config->proxy_args,
+ "<br>\nWARNING: Invalid source address, port or netmask "
+ "for deny-access directive in configuration file: \"");
+ string_append(&config->proxy_args,
+ vec[0]);
+ string_append(&config->proxy_args,
+ "\"<br><br>\n");
+ freez(cur_acl);
+ break;
+ }
+ if (vec_count == 2)
+ {
+ if (acl_addr(vec[1], cur_acl->dst) < 0)
+ {
+ log_error(LOG_LEVEL_ERROR, "Invalid destination address, port or netmask "
+ "for deny-access directive in configuration file: \"%s\"", vec[1]);
+ string_append(&config->proxy_args,
+ "<br>\nWARNING: Invalid destination address, port or netmask "
+ "for deny-access directive in configuration file: \"");
+ string_append(&config->proxy_args,
+ vec[1]);
+ string_append(&config->proxy_args,
+ "\"<br><br>\n");
+ freez(cur_acl);
+ break;
+ }
+ }
+#ifdef HAVE_RFC2553
+ else
+ {
+ cur_acl->wildcard_dst = 1;
+ }
+#endif /* def HAVE_RFC2553 */
+
+ /*
+ * Add it to the list. Note we reverse the list to get the
+ * behaviour the user expects. With both the ACL and
+ * actions file, the last match wins. However, the internal
+ * implementations are different: The actions file is stored
+ * in the same order as the file, and scanned completely.
+ * With the ACL, we reverse the order as we load it, then
+ * when we scan it we stop as soon as we get a match.
+ */
+ cur_acl->next = config->acl;
+ config->acl = cur_acl;
+
+ break;
+#endif /* def FEATURE_ACL */
+
+/* *************************************************************************
+ * enable-edit-actions 0|1
+ * *************************************************************************/
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+ case hash_enable_edit_actions:
+ if (parse_toggle_state(cmd, arg) == 1)
+ {
+ config->feature_flags |= RUNTIME_FEATURE_CGI_EDIT_ACTIONS;
+ }
+ else
+ {
+ config->feature_flags &= ~RUNTIME_FEATURE_CGI_EDIT_ACTIONS;
+ }
+ break;
+#endif /* def FEATURE_CGI_EDIT_ACTIONS */
+
+/* *************************************************************************
+ * enable-compression 0|1
+ * *************************************************************************/
+#ifdef FEATURE_COMPRESSION
+ case hash_enable_compression:
+ if (parse_toggle_state(cmd, arg) == 1)
+ {
+ config->feature_flags |= RUNTIME_FEATURE_COMPRESSION;
+ }
+ else
+ {
+ config->feature_flags &= ~RUNTIME_FEATURE_COMPRESSION;
+ }
+ break;
+#endif /* def FEATURE_COMPRESSION */
+
+
+/* *************************************************************************
+ * enable-remote-toggle 0|1
+ * *************************************************************************/
+#ifdef FEATURE_TOGGLE
+ case hash_enable_remote_toggle:
+ if (parse_toggle_state(cmd, arg) == 1)
+ {
+ config->feature_flags |= RUNTIME_FEATURE_CGI_TOGGLE;
+ }
+ else
+ {
+ config->feature_flags &= ~RUNTIME_FEATURE_CGI_TOGGLE;
+ }
+ break;
+#endif /* def FEATURE_TOGGLE */
+
+/* *************************************************************************
+ * enable-remote-http-toggle 0|1
+ * *************************************************************************/
+ case hash_enable_remote_http_toggle:
+ if (parse_toggle_state(cmd, arg) == 1)
+ {
+ config->feature_flags |= RUNTIME_FEATURE_HTTP_TOGGLE;
+ }
+ else
+ {
+ config->feature_flags &= ~RUNTIME_FEATURE_HTTP_TOGGLE;
+ }
+ break;
+
+/* *************************************************************************
+ * enforce-blocks 0|1
+ * *************************************************************************/
+ case hash_enforce_blocks:
+#ifdef FEATURE_FORCE_LOAD
+ if (parse_toggle_state(cmd, arg) == 1)
+ {
+ config->feature_flags |= RUNTIME_FEATURE_ENFORCE_BLOCKS;
+ }
+ else
+ {
+ config->feature_flags &= ~RUNTIME_FEATURE_ENFORCE_BLOCKS;
+ }
+#else
+ log_error(LOG_LEVEL_ERROR, "Ignoring directive 'enforce-blocks'. "
+ "FEATURE_FORCE_LOAD is disabled, blocks will always be enforced.");
+#endif /* def FEATURE_FORCE_LOAD */
+ break;
+
+/* *************************************************************************
+ * filterfile file-name
+ * In confdir by default.
+ * *************************************************************************/
+ case hash_filterfile :
+ i = 0;
+ while ((i < MAX_AF_FILES) && (NULL != config->re_filterfile[i]))
+ {
+ i++;
+ }
+
+ if (i >= MAX_AF_FILES)
+ {
+ log_error(LOG_LEVEL_FATAL, "Too many 'filterfile' directives in config file - limit is %d.\n"
+ "(You can increase this limit by changing MAX_AF_FILES in project.h and recompiling).",
+ MAX_AF_FILES);
+ }
+ config->re_filterfile_short[i] = strdup(arg);
+ config->re_filterfile[i] = make_path(config->confdir, arg);