diff options
author | Chris Buechler <cmb@pfsense.org> | 2016-01-05 22:29:30 -0600 |
---|---|---|
committer | Chris Buechler <cmb@pfsense.org> | 2016-01-05 22:29:30 -0600 |
commit | f225cb92509f15928d35d2815a558463cd0b34cf (patch) | |
tree | 153792eb38d0726c4a16e0b6526d2fb0de191ff6 | |
parent | 6c301424fa6fb550d156e2b41fb6145720a60445 (diff) | |
download | pfsense-f225cb92509f15928d35d2815a558463cd0b34cf.zip pfsense-f225cb92509f15928d35d2815a558463cd0b34cf.tar.gz |
Include limit_conn config for CP maxprocperip
-rw-r--r-- | src/etc/inc/system.inc | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc index fa8ac48..cc3d184 100644 --- a/src/etc/inc/system.inc +++ b/src/etc/inc/system.inc @@ -1195,8 +1195,7 @@ function system_generate_nginx_config($filename, if (empty($maxprocperip)) { $maxprocperip = 10; } - $captive_portal_maxprocperip = "limit_conn_zone \$binary_remote_addr zone=addr:10m;\n"; - $captive_portal_maxprocperip .= "limit_conn addr $maxprocperip\n"; + $captive_portal_maxprocperip = "\t\tlimit_conn addr $maxprocperip;\n"; } @@ -1259,6 +1258,14 @@ http { access_log syslog:server=unix:/var/run/log,facility=local5 combined; +EOD; + +if ($captive_portal !== false) { + $nginx_config .= "\tlimit_conn_zone \$binary_remote_addr zone=addr:10m;\n"; +} + +$nginx_config .= <<<EOD + server { listen {$nginx_port}; listen [::]:{$nginx_port}; @@ -1285,6 +1292,7 @@ EOD; if ($captive_portal !== false) { $nginx_config .= <<<EOD +$captive_portal_maxprocperip $cp_hostcheck $cp_rewrite |