COUNTER parameter   ==  COUNTER=listOfCounterControl
    counterControl  ==  do | total | acc | ssi | ref | err | ro | no | mntpV
                    --  default: COUNTER=no
                    --  restriction: applicable to HTTP, SMTP, FTP and DNS

Specify the usage of access counters.
(CAUTION: the current implementation of the counter in DeleGate/9.X is tentative thus the location and the format of the counter file might be modified and become incompatible in future)

do -- enable all counters including "total,acc,ssi,ref,err"

total -- enable the total hit counter of this server

acc -- enable access counters for each access to each URL

ssi -- enable access counters for SSI (by PAGE_COUNT in .shtml)

ref -- enable referrer counters for HTTP "Referer:"

err -- enable error counters (for SMTP)

ro -- enable counters in read-only

no -- disable counters [default]

mntpV -- use the counter of the MOUNT point (vURL) instead of each URL

If enabled with COUNTER="do", all access counters for any requests, referrers, and errors are incremented. If enabled with "total", the access counter for any requests to this server is incremented. If enabled with "acc", access counters for any requests to each target URL is incremented. If enabled with "ssi", only the access counter for the URL of a SHTML page including a SSI PAGE_COUNT reference is incremented when the page is accessed. If enabled with "ref", the referrer counter of the URL in the HTTP "Referer:" fields is incremented.

Each access counter is stored in a file at "ADMDIR/counts/access/URL#count". Each counter file starts with a line consists of the numbers of accesses in ASCII decimal format so that it can be initialized or modified manually. The line can contain three numbers; the first one is the total count, the second one is the count excluding repetitive accesses from the same client, and the third one is the count excluding repetitive access from one of recent ten clients. Each count are represented as %T, %U and %V respectively in the format string described below.

The counter can be displayed in a specified format using SSI as the PAGE_COUNT or COUNTER value. If no "url" attribute is specified in a tag, the URL of the SHTML file containing the tag is implied. Counter values are converted to a printable character string following to the format string given in the "fmt=..." attribute. The default format is "%T".

Format Specifiers:

%T -- total count

%U -- the count excluding repetitive accesses form a client

%V -- the count excluding repetitive accesses from recent 10 clients

%N -- the number of networks [ 0 - 1023 ]

%M -- the map of networks

%L -- the list of the last ten clients

%mT %mU %mV -- mean counts per day

%mHT %mHU %mHV -- mean counts per hour

%tC -- the time of the first count (counter creation)

%tT %tU %tV -- the time of update of each count

The specifier %N represents the number of networks of clients where each network is with net-mask of 10 bits (0xFFC00000 255.192.0.0/10). This means that the whole IPv4 address space is divided into 1024 networks. So the %N represents the distribution of clients onto networks over the address space as a coverage value in per-mill. %M shows the distribution of clients as a visual map.

Example:

<!--#echo var=PAGE_COUNT -->

<!--#echo var=COUNTER -->

<!--#echo var=COUNTER fmt="%T hits since %tC" -->

<!--#echo var=COUNTER url="URL" -->

<!--#echo var=COUNTER fmt="%U/%T hits" -->

<!--#echo var=COUNTER url="URL" fmt="%U/%T hits" -->

The total count is displayed by TOTAL_HITS tag or by COUNTER tag with "sel=total". The referrer counter of a URL is incremented when the URL is in "Referer:" header in a HTTP request. Each referrer counter is stored in a file at "ADMDIR/counts/referer/URL#count-ref". The referrer counter can be displayed with "sel=ref" attribute in the COUNTER tag.

Example:

<!--#echo var=TOTAL_HITS -->

<!--#echo var=COUNTER sel=total -->

<!--#echo var=COUNTER url="URL" fmt="%U/%T refs" sel=ref -->

Enabling all counters for each URL can be expensive and/or unnecessary. You can reduce counters by using the counter of a MOUNT point as the representative, or using only total access counters of the server. In the following example, counters for all URLs is enabled by default (with COUNTER=do), while counters for URLs under /srv1/ is represented by the counter of /srv1/, and only the server's total counter and SSI counters are enabled for URLs under /mine/. As shown in this example, COUNTER can be specified as a MountOption of which initial value is inherited from the COUNTER parameter.

Example:

    COUNTER=do
    MOUNT="/srv1/* http://srv1/*  COUNTER=mntpV"
    MOUNT="/mine/* file:dirpath/* COUNTER=no,total,ssi"

Server Side Include in SHTML files

On an origin HTTP-DeleGate, a local file with suffix ".shtml" is regarded, like a file with ".html", as a HTML file except that it includes special tags for Server Side Include (SSI) and META which are to be interpreted and substituted by the HTTP-DeleGate before it is sent to a client.

SSI tags

<!--#echo var="varName" -->

will be substituted with the value specified by varName. varName can be arbitrary CGI compatible name like "REMOTE_HOST" or "HTTP_SERVER", as well as followings.

DATE_GMT -- current time in GMT

DATE_LOCAL -- current time local to the server host

LAST_MODIFIED -- the last modified time of the .shtml file

REFERER -- equiv. to HTTP_REFERER

DOCUMENT_NAME -- equiv. to SCRIPT_NAME

DOCUMENT_URI -- equiv. to REQUEST_URI

* -- all of variables as name=value pairs

<!--#include virtual="URL" -->

will be substituted with the data specified by "virtual" attribute. "virtual" can be full URL like "proto://server/upath" or partial URL like "/upath" which will be interpreted as http://delegate/upath. Relative URLs like "upath" without leading "/" are interpreted as relative to the base (current) shtml file.

Note that including a resource by SSI is under the access control of DeleGate (as origin or proxy server) common to the access control against client users. That is, if a client user is forbidden to access the included resource, it is also forbidden even via SSI-include.
Especially allowing including a resource out of the DeleGate server, with URL like virtual=http://exserver/dir/fileX can make a security hole made by a user as a SHTML writer. In an origin server, relaying as a proxy must be forbidden by RELAY=no, but it also forbids SSI-include to do from other servers.
A simple workaround in version 9 is adding a limited RELAY as RELAY="proxy:http:exserver:*" that only allows relaying to exserver. Another safer workaround is using MOUNT like MOUNT="/ex/* http://exserver/dir/*" then write SSI-include like virtual="/ex/fileX". But both of these allows client users to access to resources other than the intended virtual URL in the exserver.

To cope with the above problem in version 10, RELAY=ssi is introduced to be used together with RELAY=no. RELAY=ssi allows SHTML writers to do include from other servers, leaving the permission for client users unchanged (as RELAY=no). In other words without RELAY=ssi, you (as the administrator of DeleGate) can forbid SHTML writers to include from other servers. Also you can restrict the includable target server (and protocols or clients) by the generic notation of DeleGate as RELAY=ssi:protocolList:serverList:clientList.
Another (and maybe more important) extension in version 10 is relaying request/response message header (as Cookie or User-Agent) back and forth between client and server via SSI-include.

NOTE: Maybe it is impossible to forbid CGIs to access arbitrary servers in a way independent of platforms and languages. But at least we can forbid CGIs completely with REMITTABLE="+,-cgi".

<!--#fsize virtual="URL" -->

<!--#flastmod virtual="URL" -->

will be substituted with the size or the last modified time of the specified data respectively.

<!--#config timefmt=timeFormat -->

will specify the format of generated time string by "#echo","#flastmod" or so, in strftime(3) compatible format. (default: timefmt="%a, %d %b %Y %H:%M:%S %z")

META tags

<META HTTP-EQUIV=fieldName content="fieldBody">

will generate "fieldName: fieldBody" header in the HTTP response message. The following patterns in fileBody will be substituted as described above.

${varName} or <!--#echo var=varName -->

${flastmod:URL} or <!--#flastmod virtual=URL -->

${fsize:URL} or <!--#fsize virtual=URL -->

${include:URL} or <!--#include virtual=URL -->

Example:

<META HTTP-EQUIV=Status content="200 OK">

<META HTTP-EQUIV=Content-Type content="text/html">

<META HTTP-EQUIV=Pragma content="no-cache">

<META HTTP-EQUIV=Date content="${DATE_GMT}">

<META HTTP-EQUIV=Last-Modified content="${flastmod:URL}">