3

I have been trying to send a BAN request via curl to the Varnish server to invalid cached content. The url contains some regex for Varnish to check against. I have been successfully sending this request:

1. curl -X BAN "https://oursite.com/product/item/(100|7|9||8|7|6|5|4|2|1)"

<!DOCTYPE html>
<html>
  <head>
    <title>200 Ban added</title>
  </head>
  <body>
    <h1>Error 200 Ban added</h1>
    <p>Ban added</p>
    <h3>Guru Meditation:</h3>
    <p>XID: 66211</p>
    <hr>
    <p>Varnish cache server</p>
  </body>
</html>

but with a more complicated url

2. curl -X BAN "https://oursite.com/product/(search/home$|item/(391|1232))"

// What I'm trying to remove are:

1./product/search/home
2./product/item/391
3./product/item/1232

default.vcl

if (req.method == "BAN") {

        if (!client.ip ~ purge) {

            return(synth(403, "Not allowed."));
        }

        ban("req.url ~ ^"+req.url);

        return(synth(200, "Ban added"));
}

Varnish log:

*   << BeReq    >> 163855
-   Begin          bereq 163854 pass
-   Timestamp      Start: 1450969228.080453 0.000000 0.000000
-   BereqMethod    BAN
-   BereqURL       /product/(search/home$|item/(391|1232))
-   BereqProtocol  HTTP/1.1
-   BereqHeader    User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
-   BereqHeader    Host: oursite.com

The curl request has been successfully made as shown in varnishlog, but I don't know why the regex doesn't work. None of the pages are purged. Can anyone tell me what's the problem? What characters do I need to escape?

RedGiant
  • 4,444
  • 11
  • 59
  • 146
  • is the subexpression `search/home$` meant to contain a literal dollar sign OR and "end-of-string" marker? It will help if you list separately each match you hope to make and indicate if there are any literal chars that might be confused with reg-ex chars. Good luck. – shellter Dec 24 '15 at 14:53
  • @shellter Thank you for your suggestions. I have updated the post. The dollar sign represents 'end of string'. I just checked that the curl request has been successfully made, so it must be the regex that is preventing the problem. – RedGiant Dec 24 '15 at 15:02
  • FYI: use varnishadm ban.list to see how the ban regex is stored. And try to be lurker friendly (don't ban by req.*) http://book.varnish-software.com/4.0/chapters/Cache_Invalidation.html#lurker-friendly-bans – matheuzzy Mar 22 '16 at 17:49

1 Answers1

0

The regex seems fine.
I think you should try to escape the slashes after the first parenthesis. I assume Varnish is interpreting the expression between parenthesis as a regex (which is fine) and in a regex slashes are delimiters (some kind of special characters).
This might work:

curl -X BAN "https://oursite.com/product/(search\/home$|item\/(391|1232))"
Redithion
  • 986
  • 1
  • 19
  • 32