Introduction

Block incoming connection/request based on defined rules.

Configuration

  • Module config file

    conf/mod_block/mod_block.conf

    1. [basic]
    2. # product rule config file path
    3. ProductRulePath = ../conf/mod_block/block_rules.data
    5. # global ip blacklist file path
    6. IPBlacklistPath = ../conf/mod_block/ip_blacklist.data

  • Data config file

    • ip blacklist file

      conf/mod_block/ip_blacklist.data

      1. 192.168.1.253 192.168.1.254
      2. 192.168.1.250

    • block rules file

      conf/mod_block/block_rules.data

      | Config Item | Type | Description || —————- | ——— | —————————————————————————————— || Version | String | Verson of config file || Config | Struct | Block rules for each product. Block rule include: - Cond: “condition” expression - Action: what to do after matched- Name: rule name |

      | Action | Description || ——— | —————————— || CLOSE | Close the connection |

      1. {
      2.   "Version": "20190101000000",
      3.   "Config": {
      4.       "example_product": [
      5.           {
      6.             "action": {
      7.                   "cmd": "CLOSE",
      8.                   "params": []
      9.               },
      10.               "name": "example rule",
      11.               "cond": "req_path_in(\"/limit\", false)"            
      12.           }
      13.       ]
      14.   }
      15. }