varnish 配置文件分享(sens杨 注释)

前言：
varnish 为目前新兴起来的软件，由于中文文档比较少，配置文件比较复杂，所以在运用起来也是特别的费劲。一个偶然的机会在一个群里，有位varnish高手（ sens杨 ）发表了一篇他对varnish配置文件理解的文档。对于学者来说很有价值。所以转载了过来。

原文如下：

varnish配置文件原文地址:http://groups.drupal.org/node/63203

注：红色字体是英文的直接翻译，有些地方翻译的不好
绿色部分是一些思考，这个配置对自身的业务配置的很详细，现在对除了cookie和TTL那部分外其他可以理解80%，慢慢学习体会

1. backend default {  
2.   .host = "127.0.0.1";  
3.   .port = "8008";  
4.   .connect_timeout = 600s;  
5.   .first_byte_timeout = 600s;  
6.   .between_bytes_timeout = 600s;  
7. }  
8.   
9. backend lighttpd {  
10.   .host = "127.0.0.1";  
11.   .port = "81";  
12.   .connect_timeout = 600s;  
13.   .first_byte_timeout = 600s;  
14.   .between_bytes_timeout = 600s;  
15. }  
16.   
17. acl techmission_internal {  
18.   "localhost";  
19.   "127.0.0.1";  
20. }  
21. sub vcl_recv {  
22.   // Allow a grace period for offering "stale" data in case backend lags (http://varnish-cache.org/wiki/VCLExampleGrace)  
23. // 如果backend数据滞后，允许为“过时”数据提供一个宽松期  
24.   set req.grace = 5m;  
25.   // block outside world from our test sites  
26. // 阻止非自己说测试网站（的数据访问）  
27.   if ((req.http.host ~ "www.domain1.org|www.domain2.org") && !(client.ip ~ techmission_internal) && !(req.url ~ "^/ad|^/files")) {  
28.     error 403 "Forbidden";  
29.   }  
30.   if((req.url ~ "/server-status" || req.url ~ "/whm-server-status") && !(client.ip ~ techmission_internal)) {  
31.   error 404 "Not Found";  
32.   }  
33.   // add ping url to test Varnish status  
34. // 增加ping URL测试varnish状态（这个功能使用大部分vcl都没配置，可以增加一个监控状态）  
35.   if (req.request == "GET" && req.url ~ "/varnish-ping") {  
36.   error 200 "OK";  
37.   }  
38. /* Normalize host header to reduce variation in cache */  
39. // 使host头规范化，以减少在cache中变化（这个为什么会说变化呢？）  
40. if (req.http.host == "domain.org" && req.url !~ "^/blogs") {  
41.   set req.http.host = "www.domain.org";  
42. }  
43.   
44. /* Normalize Accept-Encoding to reduce effects of Vary: Accept-Encoding   
45.    (cf. http://varnish-cache.org/wiki/FAQ/Compression)  
46.    Also note that Vary: User-Agent is considered harmful   
47.    (cf. http://www.mail-archive.com/varnish-misc@projects.linpro.no/msg03296.html) */  
48. //规范化Accept-Encoding以减少Vary：Accept-Encoding影响（cf），也要注意Vary: User-Agent认为是有害的  
49.   
50.   if (req.http.Accept-Encoding) {  
51. //if先判断是否可以存在，是为了缩小处理范围？  
52. //看到的其他大部分配置直接就下面了，没有先判断Accept-Encoding是否存在，这点可以再考虑考虑  
53. //现在有req.can_gzip参数了，判断客户端是否接受压缩代码传输  
54.     if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {  
55.       // Don't compress already-compressed files  
56.       remove req.http.Accept-Encoding;  
57.     }   
58.     elsif (req.http.Accept-Encoding ~ "gzip") {  
59.         set req.http.Accept-Encoding = "gzip";  
60.     }   
61.     elsif (req.http.Accept-Encoding ~ "deflate") {  
62.         set req.http.Accept-Encoding = "deflate";  
63.     }   
64.     else {  
65.       // unknown algorithm  
66. // 不了解运算  
67.       remove req.http.Accept-Encoding;  
68.     }  
69.   }  
70.   
71.   // Remove has_js and Google Analytics __* cookies. Also remove collapsiblock cookies.  
72. //删除has_js和谷歌统计__*的cookies，同时删除collapsiblock cookies  
73.   set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(__[a-z]+|__utma_a2a|has_js|collapsiblock)=[^;]*", "");  
74.   // Remove JSESSIONID cookie from ChristianVolunteering.org static files and pages that are same for all users  
75. //从ChristianVolunteering.org静态文件和网页中删除JSESSIONID cookie，所有的用户是一样（处理）的  
76.     if (req.http.host ~ "christianvolunteering.org" &&  
77.          (req.url ~ "^/$" ||  
78.           req.url ~ "(searchform|advancedsearch|shorttermmissions|recruitvolunteers|volunteergettingstarted|virtualvolunteer|organizationsearch|abs-bible-outreach|ab*ecutive-volunteers|abs-traveling-engagement-center|churchinstructions|sitemap|city|virtual|organizationlistings|orglistings7407|technology|volunteerlistings|forgotpassword|churchvolunteer|churchvolunteering|servicetrip|region|citysitemap|searchformadv|personalitytest|groupvolunteering|disasterreliefvolunteering|disasterrelief|internships|christiangapyear|about|FAQs|bookrecommendations|contact|pressrelease|training|volunteerstart|volunteerstories|articles)\.jsp$" ||  
79.           req.url ~ "org/org[0-9]+\.jsp$" ||  
80.           req.url ~ "org/opp[0-9]+\.jsp$" ||  
81.           req.url ~ "orglistings[0-9]+\.jsp$" ||  
82.           req.url ~ "org/[^/]+\.jsp$" ||  
83.           req.url ~ "volunteer/[^/]+\.jsp$")  
84.         ) {   
85.     set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(JSESSIONID)=[^;]*", "");  
86.   }  
87.   // Remove a ";" prefix, if present.  
88. //如果有”;”前缀，则删除  
89.   set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");  
90.   // Remove empty cookies.  
91. // 删除空cookies  
92.   if (req.http.Cookie ~ "^\s*$") {  
93.     unset req.http.Cookie;  
94.   }   
95.   
96.   // exclude umjobs and gospelpedia test sites  
97. // 排除umjos和gospelpedia测试站点  
98.   if (req.http.host ~ "domain1.org" || req.http.host ~ "domain2.org") {  
99.     return (pass);  
100.   }  
101.   
102.   // exclude the cron and supercron pages  
103. // 排除cron和supercron网页  
104.   if (req.url ~ "cron.php") {  
105.     return (pass);  
106.   }  
107.   // exclude dynamic pages (as did Boost)  
108. // 排除动态网页（也是提高（处理））  
109.   if (req.http.host ~ "domain.org" && req.url ~ "^/(user/login|user/password|user/register|logout|cart|post-blog|site-feedback|cgi-bin/webscr|redirect-home|cv-enroll|recommended-content|node/8755|node/8830|node/8351|node/8757|node/8831|cart/(.*)|uc_paypal/(.*)|civicrm/(.*)|admin/(.*)|recommended-content/(.*)|comment/reply/(.*)|node/add/(.*))" ) {  
110.     return (pass);  
111.   }  
112.   
113.   // exclude in case of Referer Theme  
114. // 排除Referer的一些主题  
115.   if (req.http.host ~ "domain.org" && req.http.referer ~ "www.christianvolunteering.org|worldvision.christianvolunteering.org|ccda.christianvolunteering.org|www.ccda.org|www.urbanresource.net|mobile.urbanministry.org|www.ministeriourbano.com") {  
116.     return (pass);  
117.   }  
118.   /* Rules to fix Moodle (thanks, gchaix!) */  
119. // 修复Moodle规则  
120.    // Cache Moodle theme files  
121. //缓存Moodle主题文件  
122.    if (req.url ~ "/pix/.*\.gif$") {  
123.      return (lookup);  
124.    }  
125.   
126.     // Moodle doesn't like to be cached, passing  
127. //Moodle主题不能缓存的就pass  
128.     if (req.http.Cookie ~ "(MoodleSession|MoodleSessionTest)") {  
129.       return (pass);  
130.     }  
131.     if (req.http.host == "www.domain.edu" && req.url ~ "^/courses") {  
132.       return (pass);  
133.     }  
134.     if (req.url ~ "file.php") {  
135.       return (pass);  
136.     }  
137.   
138.     // WPMU themes are not playing well with static file caching  
139. //WPMU主题使用静态文件缓存运行的不太好  
140.     if (req.http.host == "domain.org" && req.url ~ "/blogs/(.*)/wp-content/themes") {  
141.       return (pass);  
142.     }  
143.   /* Rules for static file caching */  
144.   /* 静态文件缓存规则  
145.   // static files get served by Lighttpd  
146. // 使用Lightted服务静态文件  
147.   if (req.http.host != "server2.techmission.org" && req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|doc|ppt|pps|xls|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw)$") {  
148.      // Lighttpd does not require cookies  
149.      unset req.http.Cookie;  
150.      unset req.http.Authorization;  
151.      set req.backend = lighttpd;  
152.   }  
153.   
154.   // large media files get piped directly to lighttpd, to avoid overfilling cache  
155. // 大媒体文件直接使用pipe方式到lightted，避免缓存溢出  
156.   if (req.url ~ "\.(mp3|mp4|m4a|ogg|mov|avi|wmv)$" && req.url !~ "audio/download") {  
157.     set req.backend = lighttpd;  
158.     pipe;  
159.   }  
160.   // pipe large media files that come from Drupal, also, but they can't go to lighty  
161. // pipe从Drupal过来的大媒体文件，同时不去lighty  
162.   if (req.url ~ "audio/play" || req.url ~ "audio/download") {  
163.     pipe;  
164.   }  
165.   
166. }  
167. sub vcl_hash {  
168.   if (req.http.Cookie) {  
169.     set req.hash += req.http.Cookie;  
170.   }  
171.   /* Have a separate object cache for mobile site based on User-Agent */  
172. /* 基于User-Agent的移动网站有一个单独的对象缓存  
173.   if (req.http.host == "www.domain.org" && req.http.User-Agent ~ "(iPhone|iPod)") {  
174.     set req.hash += "mobile";  
175.   }  
176. }  
177. sub vcl_fetch {  
178.   // Grace to allow varnish to serve content if backend is lagged  
179. // 如果backend滞后，允许varnish服务内容有一个缓冲期  
180.   set obj.grace = 5m;  
181.   
182.   // Add line showing what cookie is once stripped by regex in vcl_recv  
183. //在vcl_recv中通过regex增加展示cookie一次被剥夺的行  
184.   set obj.http.X-Stripped-Cookie = req.http.Cookie;  
185.   set obj.http.X-Request-URL = req.url;  
186.   
187.   /* removing Set-Cookie headers that prevent caching */  
188.  //删除那些阻止缓存的Set-Cookie头  
189.   // Don't have cookies on static files (gchaix says may cause loss of session; I haven't observed that)  
190.     if (req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|doc|ppt|pps|xls|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw)$") {  
191.     remove obj.http.Set-Cookie;  
192.   }  
193.   
194.   // Don't set session cookie on ChristianVolunteering.org static files or pages that are same for all users  
195. //对于（头）ChristianVolunteering.org的静态文件和网页，对所有用户不设置session cookie  
196.     if (req.http.host ~ "christianvolunteering.org" &&  
197.          (req.url ~ "^/$" ||  
198.           req.url ~ "(searchform|advancedsearch|shorttermmissions|recruitvolunteers|volunteergettingstarted|virtualvolunteer|organizationsearch|abs-bible-outreach|ab*ecutive-volunteers|abs-traveling-engagement-center|churchinstructions|sitemap|city|virtual|organizationlistings|orglistings7407|technology|volunteerlistings|forgotpassword|churchvolunteer|churchvolunteering|servicetrip|region|citysitemap|searchformadv|personalitytest|groupvolunteering|disasterreliefvolunteering|disasterrelief|internships|christiangapyear|about|FAQs|bookrecommendations|contact|pressrelease|training|volunteerstart|volunteerstories|articles)\.jsp$" ||  
199.           req.url ~ "org/org[0-9]+\.jsp$" ||  
200.           req.url ~ "org/opp[0-9]+\.jsp$" ||  
201.           req.url ~ "orglistings[0-9]+\.jsp$" ||  
202.   req.url ~ "org/[^/]+\.jsp$" ||  
203.           req.url ~ "volunteer/[^/]+\.jsp$")  
204.         ) {     
205.     set obj.http.Set-Cookie = regsuball(req.http.Cookie, "(^|;\s*)(JSESSIONID)=[^;]*", "");  
206.     // Remove empty set-cookie.  
207.     if (obj.http.Set-Cookie ~ "^\s*$") {  
208.       unset obj.http.Set-Cookie;  
209.     }  
210.   }  
211.   
212. /* ttl extensions */  
213. /* ttl 扩展 */  
214. // If on www.urbanministry.org or static.urbanministry.org, extend TTL by default (pt. 1)  
215. //对于www.urbanministry.org或static.urbanministry.org，默认情况下扩展TTL  
216.   if (req.http.host == "www.domain.org" || req.http.host == "static.domain.org") {  
217.     set obj.http.X-TTL-Extend = "YES";  
218.   }  
219.   
220.   // If on cityvision.edu, but not in Moodle, or if on blazinggrace.org, but not in forums, or if on techmission.org, change obj.ttl  
221. //如果主机头是cityvision.edu但是不在Moodle中，或者主机头是blazinggrace.org，但不在forums中，或者主机头是techmission.org，更改obj.ttl  
222.   if ((req.http.host ~ "domain.edu" && req.url !~ "/courses") || (req.http.host ~ "blazinggrace.org" && req.url !~ "/forums")  || (req.http.host ~ "techmission.org")) {  
223.    set obj.ttl = 7d;  
224.    set obj.http.X-Extended-TTL = "7d";  
225. }  
226.   
227. if (obj.status == 404) {   
228.    set obj.ttl = 1s;   
229. if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
230. }   
231.   
232.   /* debugging of why a page was not cacheable */  
233. /* debug为什么页面没有缓存 */  
234.   if (!obj.cacheable) {  
235.     set obj.http.X-Cacheable = "NO: Varnish says not cacheable " obj.http.X-Cacheable;  
236.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
237.   }  
238.   
239.   
240.   // exclude umjobs and gospelpedia test sites  
241. // 排除umjobs和gospelpedia测试站点  
242.   if (req.http.host ~ "domain1.org" || req.http.host ~ "domain2.org") {  
243.     set obj.http.X-Cacheable = "NO: Test domain " obj.http.X-Cacheable;  
244.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
245.   }  
246.   
247.   if (obj.http.Set-Cookie) {  
248.     set obj.http.X-Cacheable = "NO: Set-Cookie " obj.http.X-Cacheable;  
249.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
250.   }  
251.   
252.   if (req.http.Cookie ~ "DRUPAL_UID|SESS") {  
253.     set obj.http.X-Cacheable = "NO: Got Session " obj.http.X-Cacheable;  
254.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
255.   }  
256.   
257.   if (obj.http.Cache-Control ~ "private" || obj.http.Cache-Control ~ "no-cache") {  
258.     set obj.http.X-Cacheable = "NO: Cache-Control set to not cache " obj.http.X-Cacheable;  
259.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
260.   }  
261.   
262.   if (req.url ~ "cron.php") {  
263.     set obj.http.X-Cacheable = "NO: Cron job " obj.http.X-Cacheable;  
264.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
265.   }  
266.   
267.   if (req.http.host ~ "domain.org" && req.url ~ "^/(user/login|user/password|user/register|logout|cart|post-blog|site-feedback|cgi-bin/webscr|redirect-home|cv-enroll|recommended-content|node/8755|node/8830|node/8351|node/8757|node/8831|cart/(.*)|uc_paypal/(.*)|civicrm/(.*)|admin/(.*)|recommended-content/(.*)|comment/reply/(.*)|node/add/(.*))" ) {  
268.     set obj.http.X-Cacheable = "NO: Drupal un-cacheable path " obj.http.X-Cacheable;  
269.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
270.   }  
271.   
272.   if (req.http.host ~ "domain.org" && req.http.referer ~ "www.christianvolunteering.org|worldvision.christianvolunteering.org|ccda.christianvolunteering.org|www.ccda.org|www.urbanresource.net|mobile.urbanministry.org|www.ministeriourbano.com") {  
273.     set obj.http.X-Cacheable = "NO: Referer Theme " obj.http.X-Cacheable;  
274.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
275.   }  
276.   
277.   if (req.request == "POST") {  
278.     set obj.http.X-Cacheable = "NO: POST request " obj.http.X-Cacheable;  
279.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
280.   }  
281.   
282.   if (req.http.Authorization) {  
283.     set obj.http.X-Cacheable = "NO: HTTP Authentication " obj.http.X-Cacheable;  
284.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
285.   }  
286.   
287.   // extend TTL for urbanministry.org objects (but not panels, views, or quicktabs); invalidation thru varnish.module + um_common.module  
288. //为urbaministry.org对象扩展TTL（不是面板、视图，或者quicktabs）；经过varnish.module + um_common.module失效  
289.   if((req.http.host == "www.domain.org" || req.http.host == "static.domain.org") && obj.http.X-TTL-Extend == "YES" && !obj.http.X-Cache-Type) {  
290.     set obj.ttl = 7d;  
291.     set obj.http.X-Extended-TTL = "7d";  
292.   }  
293.   
294. }  
295. sub vcl_deliver {  
296. # return (deliver);  
297.   // add cache hit data  
298. // 增加缓存命中数据  
299.   if (obj.hits > 0) {  
300.     // if hit add hit count  
301. // 如果命中，增加命中数  
302.     set resp.http.X-Cache = "HIT";  
303.     set resp.http.X-Cache-Hits = obj.hits;  
304.     // set resp.http.X-Cache-Served-URL = "SERVED " obj.http.X-Request-URL; // http headers are apparently not accessible in vcl_deliver  
305. //在vcl_deliver中http头明显不可访问  
306.     // set resp.http.X-Cache-TTL = obj.ttl; // string representation not implemented yet (currently on 2.0.5)  
307.   }  
308.   else {  
309.     set resp.http.X-Cache = "MISS";  
310.   }  
311. }  
312. /* custom error subroutine - to be a little friendlier to our users */  
313. //指定error子程序，对用户有好些  
314. sub vcl_error {  
315. if(obj.status == 503) {  
316.     set obj.http.Content-Type = "text/html; charset=utf-8";  
317.     synthetic {"  
318. <"string">"1.0" encoding="utf-8"?>  
319. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"  
320. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">  
321. <html>  
322.   <head>  
323.     <title>"} obj.status " " obj.response {"</title>  
324. </head>  
325.   <body>  
326.     <h1>Error "} obj.status " " obj.response {"</h1>  
327.     <p>"} obj.response {"</p>  
328. <p>Sorry we missed you!</p>  
329. <p>We are currently upgrading our websites to serve you better. We should be up again soon.</p>  
330. <p>If you still receive this message 30 minutes from now, please email webmaster@techmission.org.</p>  
331.     <h3>Guru Meditation:</h3>  
332.     <p>XID: "} req.xid {"</p>  
333.     <hr>  
334.     <address>  
335.        Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>  
336.     </address>  
337.   </body>  
338. </html>  
339. "};  
340.     return (deliver);  
341. }  
342. elsif(obj.status == 403) {  
343.     set obj.http.Content-Type = "text/html; charset=utf-8";  
344.     synthetic {"  
345. <"string">"1.0" encoding="utf-8"?>  
346. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"  
347. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">  
348. <html>  
349.   <head>  
350.     <title>"} obj.status " " obj.response {"</title>  
351. </head>  
352.   <body>  
353.     <h1>Error "} obj.status " " obj.response {"</h1>  
354.     <p>"} obj.response {"</p>  
355. <h2>TechMission Developer Access Only</h2>  
356. <p>This page is only accessible to our staff. Please visit our main websites www.techmission.org,www.urbanministry.org, and " title="www.christianvolunteering.org.  
357. " style="color: rgb(2, 122, 198); font-weight: bold; text-decoration: none; ">www.christianvolunteering.org.</p>  
358. <!-- (If you should have access to this page, edit the VCL file to grant yourself access (by adding your current IP to the ACL) and then reload the VCL.) -->  
359.     <h3>Guru Meditation:</h3>  
360.     <p>XID: "} req.xid {"</p>  
361.     <hr>  
362.     <address>  
363.        Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>  
364.     </address>  
365.   </body>  
366. </html>  
367. "};   
368.     return (deliver);  
369. }  
370. else {  
371.     set obj.http.Content-Type = "text/html; charset=utf-8";  
372.     synthetic {"  
373. <"string">"1.0" encoding="utf-8"?>  
374. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"  
375. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">  
376. <html>  
377.   <head>  
378.     <title>"} obj.status " " obj.response {"</title>  
379. </head>  
380.   <body>  
381.     <h1>Error "} obj.status " " obj.response {"</h1>  
382.     <p>"} obj.response {"</p>  
383.     <h3>Guru Meditation:</h3>  
384.     <p>XID: "} req.xid {"</p>  
385.     <hr>  
386.     <address>  
387.        Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>  
388.     </address>  
389.   </body>  
390. </html>  
391. "};   
392.     return (deliver);  
393. }  
394. } 

在这里感谢 sens杨 同学对配置文档的解释。

下面小编特整理的没有前面数字的文件方法大家使用

backend default { 
 .host = "127.0.0.1"; 
 .port = "8008"; 
 .connect_timeout = 600s; 
 .first_byte_timeout = 600s; 
 .between_bytes_timeout = 600s; 
} 
 
backend lighttpd { 
 .host = "127.0.0.1"; 
 .port = "81"; 
 .connect_timeout = 600s; 
 .first_byte_timeout = 600s; 
 .between_bytes_timeout = 600s; 
} 
 
acl techmission_internal { 
 "localhost"; 
 "127.0.0.1"; 
} 
sub vcl_recv { 
 // Allow a grace period for offering "stale" data in case backend lags (http://varnish-cache.org/wiki/VCLExampleGrace) 
// 如果backend数据滞后，允许为“过时”数据提供一个宽松期 
 set req.grace = 5m; 
 // block outside world from our test sites 
// 阻止非自己说测试网站（的数据访问） 
 if ((req.http.host ~ "www.domain1.org|www.domain2.org") && !(client.ip ~ techmission_internal) && !(req.url ~ "^/ad|^/files")) { 
  error 403 "Forbidden"; 
 } 
 if((req.url ~ "/server-status" || req.url ~ "/whm-server-status") && !(client.ip ~ techmission_internal)) { 
 error 404 "Not Found"; 
 } 
 // add ping url to test Varnish status 
// 增加ping URL测试varnish状态（这个功能使用大部分vcl都没配置，可以增加一个监控状态） 
 if (req.request == "GET" && req.url ~ "/varnish-ping") { 
 error 200 "OK"; 
 } 
/* Normalize host header to reduce variation in cache */ 
// 使host头规范化，以减少在cache中变化（这个为什么会说变化呢？） 
if (req.http.host == "domain.org" && req.url !~ "^/blogs") { 
 set req.http.host = "www.domain.org"; 
} 
 
/* Normalize Accept-Encoding to reduce effects of Vary: Accept-Encoding  
  (cf. http://varnish-cache.org/wiki/FAQ/Compression) 
  Also note that Vary: User-Agent is considered harmful  
  (cf. http://www.mail-archive.com/varnish-misc@projects.linpro.no/msg03296.html) */ 
//规范化Accept-Encoding以减少Vary：Accept-Encoding影响（cf），也要注意Vary: User-Agent认为是有害的 
 
 if (req.http.Accept-Encoding) { 
//if先判断是否可以存在，是为了缩小处理范围？ 
//看到的其他大部分配置直接就下面了，没有先判断Accept-Encoding是否存在，这点可以再考虑考虑 
//现在有req.can_gzip参数了，判断客户端是否接受压缩代码传输 
  if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") { 
   // Don't compress already-compressed files 
   remove req.http.Accept-Encoding; 
  }  
  elsif (req.http.Accept-Encoding ~ "gzip") { 
    set req.http.Accept-Encoding = "gzip"; 
  }  
  elsif (req.http.Accept-Encoding ~ "deflate") { 
    set req.http.Accept-Encoding = "deflate"; 
  }  
  else { 
   // unknown algorithm 
// 不了解运算 
   remove req.http.Accept-Encoding; 
  } 
 } 
 
 // Remove has_js and Google Analytics __* cookies. Also remove collapsiblock cookies. 
//删除has_js和谷歌统计__*的cookies，同时删除collapsiblock cookies 
 set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(__[a-z]+|__utma_a2a|has_js|collapsiblock)=[^;]*", ""); 
 // Remove JSESSIONID cookie from ChristianVolunteering.org static files and pages that are same for all users 
//从ChristianVolunteering.org静态文件和网页中删除JSESSIONID cookie，所有的用户是一样（处理）的 
  if (req.http.host ~ "christianvolunteering.org" && 
     (req.url ~ "^/$" || 
     req.url ~ "(searchform|advancedsearch|shorttermmissions|recruitvolunteers|volunteergettingstarted|virtualvolunteer|organizationsearch|abs-bible-outreach|ab*ecutive-volunteers|abs-traveling-engagement-center|churchinstructions|sitemap|city|virtual|organizationlistings|orglistings7407|technology|volunteerlistings|forgotpassword|churchvolunteer|churchvolunteering|servicetrip|region|citysitemap|searchformadv|personalitytest|groupvolunteering|disasterreliefvolunteering|disasterrelief|internships|christiangapyear|about|FAQs|bookrecommendations|contact|pressrelease|training|volunteerstart|volunteerstories|articles)\.jsp$" || 
     req.url ~ "org/org[0-9]+\.jsp$" || 
     req.url ~ "org/opp[0-9]+\.jsp$" || 
     req.url ~ "orglistings[0-9]+\.jsp$" || 
     req.url ~ "org/[^/]+\.jsp$" || 
     req.url ~ "volunteer/[^/]+\.jsp$") 
    ) {  
  set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(JSESSIONID)=[^;]*", ""); 
 } 
 // Remove a ";" prefix, if present. 
//如果有”;”前缀，则删除 
 set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", ""); 
 // Remove empty cookies. 
// 删除空cookies 
 if (req.http.Cookie ~ "^\s*$") { 
  unset req.http.Cookie; 
 }  
 
 // exclude umjobs and gospelpedia test sites 
// 排除umjos和gospelpedia测试站点 
 if (req.http.host ~ "domain1.org" || req.http.host ~ "domain2.org") { 
  return (pass); 
 } 
 
 // exclude the cron and supercron pages 
// 排除cron和supercron网页 
 if (req.url ~ "cron.php") { 
  return (pass); 
 } 
 // exclude dynamic pages (as did Boost) 
// 排除动态网页（也是提高（处理）） 
 if (req.http.host ~ "domain.org" && req.url ~ "^/(user/login|user/password|user/register|logout|cart|post-blog|site-feedback|cgi-bin/webscr|redirect-home|cv-enroll|recommended-content|node/8755|node/8830|node/8351|node/8757|node/8831|cart/(.*)|uc_paypal/(.*)|civicrm/(.*)|admin/(.*)|recommended-content/(.*)|comment/reply/(.*)|node/add/(.*))" ) { 
  return (pass); 
 } 
 
 // exclude in case of Referer Theme 
// 排除Referer的一些主题 
 if (req.http.host ~ "domain.org" && req.http.referer ~ "www.christianvolunteering.org|worldvision.christianvolunteering.org|ccda.christianvolunteering.org|www.ccda.org|www.urbanresource.net|mobile.urbanministry.org|www.ministeriourbano.com") { 
  return (pass); 
 } 
 /* Rules to fix Moodle (thanks, gchaix!) */ 
// 修复Moodle规则 
  // Cache Moodle theme files 
//缓存Moodle主题文件 
  if (req.url ~ "/pix/.*\.gif$") { 
   return (lookup); 
  } 
 
  // Moodle doesn't like to be cached, passing 
//Moodle主题不能缓存的就pass 
  if (req.http.Cookie ~ "(MoodleSession|MoodleSessionTest)") { 
   return (pass); 
  } 
  if (req.http.host == "www.domain.edu" && req.url ~ "^/courses") { 
   return (pass); 
  } 
  if (req.url ~ "file.php") { 
   return (pass); 
  } 
 
  // WPMU themes are not playing well with static file caching 
//WPMU主题使用静态文件缓存运行的不太好 
  if (req.http.host == "domain.org" && req.url ~ "/blogs/(.*)/wp-content/themes") { 
   return (pass); 
  } 
 /* Rules for static file caching */ 
 /* 静态文件缓存规则 
 // static files get served by Lighttpd 
// 使用Lightted服务静态文件 
 if (req.http.host != "server2.techmission.org" && req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|doc|ppt|pps|xls|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw)$") { 
   // Lighttpd does not require cookies 
   unset req.http.Cookie; 
   unset req.http.Authorization; 
   set req.backend = lighttpd; 
 } 
 
 // large media files get piped directly to lighttpd, to avoid overfilling cache 
// 大媒体文件直接使用pipe方式到lightted，避免缓存溢出 
 if (req.url ~ "\.(mp3|mp4|m4a|ogg|mov|avi|wmv)$" && req.url !~ "audio/download") { 
  set req.backend = lighttpd; 
  pipe; 
 } 
 // pipe large media files that come from Drupal, also, but they can't go to lighty 
// pipe从Drupal过来的大媒体文件，同时不去lighty 
 if (req.url ~ "audio/play" || req.url ~ "audio/download") { 
  pipe; 
 } 
 
} 
sub vcl_hash { 
 if (req.http.Cookie) { 
  set req.hash += req.http.Cookie; 
 } 
 /* Have a separate object cache for mobile site based on User-Agent */ 
/* 基于User-Agent的移动网站有一个单独的对象缓存 
 if (req.http.host == "www.domain.org" && req.http.User-Agent ~ "(iPhone|iPod)") { 
  set req.hash += "mobile"; 
 } 
} 
sub vcl_fetch { 
 // Grace to allow varnish to serve content if backend is lagged 
// 如果backend滞后，允许varnish服务内容有一个缓冲期 
 set obj.grace = 5m; 
 
 // Add line showing what cookie is once stripped by regex in vcl_recv 
//在vcl_recv中通过regex增加展示cookie一次被剥夺的行 
 set obj.http.X-Stripped-Cookie = req.http.Cookie; 
 set obj.http.X-Request-URL = req.url; 
 
 /* removing Set-Cookie headers that prevent caching */ 
 //删除那些阻止缓存的Set-Cookie头 
 // Don't have cookies on static files (gchaix says may cause loss of session; I haven't observed that) 
  if (req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|doc|ppt|pps|xls|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw)$") { 
  remove obj.http.Set-Cookie; 
 } 
 
 // Don't set session cookie on ChristianVolunteering.org static files or pages that are same for all users 
//对于（头）ChristianVolunteering.org的静态文件和网页，对所有用户不设置session cookie 
  if (req.http.host ~ "christianvolunteering.org" && 
     (req.url ~ "^/$" || 
     req.url ~ "(searchform|advancedsearch|shorttermmissions|recruitvolunteers|volunteergettingstarted|virtualvolunteer|organizationsearch|abs-bible-outreach|ab*ecutive-volunteers|abs-traveling-engagement-center|churchinstructions|sitemap|city|virtual|organizationlistings|orglistings7407|technology|volunteerlistings|forgotpassword|churchvolunteer|churchvolunteering|servicetrip|region|citysitemap|searchformadv|personalitytest|groupvolunteering|disasterreliefvolunteering|disasterrelief|internships|christiangapyear|about|FAQs|bookrecommendations|contact|pressrelease|training|volunteerstart|volunteerstories|articles)\.jsp$" || 
     req.url ~ "org/org[0-9]+\.jsp$" || 
     req.url ~ "org/opp[0-9]+\.jsp$" || 
     req.url ~ "orglistings[0-9]+\.jsp$" || 
 req.url ~ "org/[^/]+\.jsp$" || 
     req.url ~ "volunteer/[^/]+\.jsp$") 
    ) {   
  set obj.http.Set-Cookie = regsuball(req.http.Cookie, "(^|;\s*)(JSESSIONID)=[^;]*", ""); 
  // Remove empty set-cookie. 
  if (obj.http.Set-Cookie ~ "^\s*$") { 
   unset obj.http.Set-Cookie; 
  } 
 } 
 
/* ttl extensions */ 
/* ttl 扩展 */ 
// If on www.urbanministry.org or static.urbanministry.org, extend TTL by default (pt. 1) 
//对于www.urbanministry.org或static.urbanministry.org，默认情况下扩展TTL 
 if (req.http.host == "www.domain.org" || req.http.host == "static.domain.org") { 
  set obj.http.X-TTL-Extend = "YES"; 
 } 
 
 // If on cityvision.edu, but not in Moodle, or if on blazinggrace.org, but not in forums, or if on techmission.org, change obj.ttl 
//如果主机头是cityvision.edu但是不在Moodle中，或者主机头是blazinggrace.org，但不在forums中，或者主机头是techmission.org，更改obj.ttl 
 if ((req.http.host ~ "domain.edu" && req.url !~ "/courses") || (req.http.host ~ "blazinggrace.org" && req.url !~ "/forums") || (req.http.host ~ "techmission.org")) { 
  set obj.ttl = 7d; 
  set obj.http.X-Extended-TTL = "7d"; 
} 
 
if (obj.status == 404) {  
  set obj.ttl = 1s;  
if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; } 
}  
 
 /* debugging of why a page was not cacheable */ 
/* debug为什么页面没有缓存 */ 
 if (!obj.cacheable) { 
  set obj.http.X-Cacheable = "NO: Varnish says not cacheable " obj.http.X-Cacheable; 
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; } 
 } 
 
 
 // exclude umjobs and gospelpedia test sites 
// 排除umjobs和gospelpedia测试站点 
 if (req.http.host ~ "domain1.org" || req.http.host ~ "domain2.org") { 
  set obj.http.X-Cacheable = "NO: Test domain " obj.http.X-Cacheable; 
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; } 
 } 
 
 if (obj.http.Set-Cookie) { 
  set obj.http.X-Cacheable = "NO: Set-Cookie " obj.http.X-Cacheable; 
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; } 
 } 
 
 if (req.http.Cookie ~ "DRUPAL_UID|SESS") { 
  set obj.http.X-Cacheable = "NO: Got Session " obj.http.X-Cacheable; 
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; } 
 } 
 
 if (obj.http.Cache-Control ~ "private" || obj.http.Cache-Control ~ "no-cache") { 
  set obj.http.X-Cacheable = "NO: Cache-Control set to not cache " obj.http.X-Cacheable; 
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; } 
 } 
 
 if (req.url ~ "cron.php") { 
  set obj.http.X-Cacheable = "NO: Cron job " obj.http.X-Cacheable; 
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; } 
 } 
 
 if (req.http.host ~ "domain.org" && req.url ~ "^/(user/login|user/password|user/register|logout|cart|post-blog|site-feedback|cgi-bin/webscr|redirect-home|cv-enroll|recommended-content|node/8755|node/8830|node/8351|node/8757|node/8831|cart/(.*)|uc_paypal/(.*)|civicrm/(.*)|admin/(.*)|recommended-content/(.*)|comment/reply/(.*)|node/add/(.*))" ) { 
  set obj.http.X-Cacheable = "NO: Drupal un-cacheable path " obj.http.X-Cacheable; 
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; } 
 } 
 
 if (req.http.host ~ "domain.org" && req.http.referer ~ "www.christianvolunteering.org|worldvision.christianvolunteering.org|ccda.christianvolunteering.org|www.ccda.org|www.urbanresource.net|mobile.urbanministry.org|www.ministeriourbano.com") { 
  set obj.http.X-Cacheable = "NO: Referer Theme " obj.http.X-Cacheable; 
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; } 
 } 
 
 if (req.request == "POST") { 
  set obj.http.X-Cacheable = "NO: POST request " obj.http.X-Cacheable; 
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; } 
 } 
 
 if (req.http.Authorization) { 
  set obj.http.X-Cacheable = "NO: HTTP Authentication " obj.http.X-Cacheable; 
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; } 
 } 
 
 // extend TTL for urbanministry.org objects (but not panels, views, or quicktabs); invalidation thru varnish.module + um_common.module 
//为urbaministry.org对象扩展TTL（不是面板、视图，或者quicktabs）；经过varnish.module + um_common.module失效 
 if((req.http.host == "www.domain.org" || req.http.host == "static.domain.org") && obj.http.X-TTL-Extend == "YES" && !obj.http.X-Cache-Type) { 
  set obj.ttl = 7d; 
  set obj.http.X-Extended-TTL = "7d"; 
 } 
 
} 
sub vcl_deliver { 
# return (deliver); 
 // add cache hit data 
// 增加缓存命中数据 
 if (obj.hits > 0) { 
  // if hit add hit count 
// 如果命中，增加命中数 
  set resp.http.X-Cache = "HIT"; 
  set resp.http.X-Cache-Hits = obj.hits; 
  // set resp.http.X-Cache-Served-URL = "SERVED " obj.http.X-Request-URL; // http headers are apparently not accessible in vcl_deliver 
//在vcl_deliver中http头明显不可访问 
  // set resp.http.X-Cache-TTL = obj.ttl; // string representation not implemented yet (currently on 2.0.5) 
 } 
 else { 
  set resp.http.X-Cache = "MISS"; 
 } 
} 
/* custom error subroutine - to be a little friendlier to our users */ 
//指定error子程序，对用户有好些 
sub vcl_error { 
if(obj.status == 503) { 
  set obj.http.Content-Type = "text/html; charset=utf-8"; 
  synthetic {" 
<"1.0" encoding="utf-8"?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
<html> 
 <head> 
  <title>"} obj.status " " obj.response {"</title> 
</head> 
 <body> 
  <h1>Error "} obj.status " " obj.response {"</h1> 
  <p>"} obj.response {"</p> 
<p>Sorry we missed you!</p> 
<p>We are currently upgrading our websites to serve you better. We should be up again soon.</p> 
<p>If you still receive this message 30 minutes from now, please email webmaster@techmission.org.</p> 
  <h3>Guru Meditation:</h3> 
  <p>XID: "} req.xid {"</p> 
  <hr> 
  <address> 
    Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a> 
  </address> 
 </body> 
</html> 
"}; 
  return (deliver); 
} 
elsif(obj.status == 403) { 
  set obj.http.Content-Type = "text/html; charset=utf-8"; 
  synthetic {" 
<"1.0" encoding="utf-8"?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
<html> 
 <head> 
  <title>"} obj.status " " obj.response {"</title> 
</head> 
 <body> 
  <h1>Error "} obj.status " " obj.response {"</h1> 
  <p>"} obj.response {"</p> 
<h2>TechMission Developer Access Only</h2> 
<p>This page is only accessible to our staff. Please visit our main websites www.techmission.org,www.urbanministry.org, and " title="www.christianvolunteering.org. 
" style="color: rgb(2, 122, 198); font-weight: bold; text-decoration: none; ">www.christianvolunteering.org.</p> 
<!-- (If you should have access to this page, edit the VCL file to grant yourself access (by adding your current IP to the ACL) and then reload the VCL.) --> 
  <h3>Guru Meditation:</h3> 
  <p>XID: "} req.xid {"</p> 
  <hr> 
  <address> 
    Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a> 
  </address> 
 </body> 
</html> 
"};  
  return (deliver); 
} 
else { 
  set obj.http.Content-Type = "text/html; charset=utf-8"; 
  synthetic {" 
<"1.0" encoding="utf-8"?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
<html> 
 <head> 
  <title>"} obj.status " " obj.response {"</title> 
</head> 
 <body> 
  <h1>Error "} obj.status " " obj.response {"</h1> 
  <p>"} obj.response {"</p> 
  <h3>Guru Meditation:</h3> 
  <p>XID: "} req.xid {"</p> 
  <hr> 
  <address> 
    Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a> 
  </address> 
 </body> 
</html> 
"};  
  return (deliver); 
} 
}