ipfilter

package module
v0.0.0-...-66c8b47 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 30, 2016 License: Apache-2.0 Imports: 11 Imported by: 0

README

ipfilter

Go Report Card

ipfilter is a middleware for Caddy

Caddyfile examples

filter clients based on a giving IP or range of IPs
ipfilter / {
	rule block
	ip 192.168 213.42.9.10-50 214.1.1.10
}

caddy will block any clients with IPs that fall into one of these two ranges 192.168.0.0 to 192.168.255.255 and 213.42.9.10 to 213.42.9.50 , or a client that has an IP of 214.1.1.10 explicitly, ranges are inclusive, which means 213.42.9.50 will get blocked.

ipfilter / {
	rule allow
	blockpage default.html
	ip 55.3.4.20 55.3.4.30
}

caddy will serve only these 2 IPs, eveyone else will get default.html

filter clients based on their Country ISO Code

filtering with country codes requires a local copy of the Geo database, can be downloaded for free from MaxMind

ipfilter / {
	rule allow
	database /data/GeoLite.mmdb
	country US JP
}

with that in your Caddyfile caddy will only serve users from the United States or Japan

ipfilter /notglobal /secret {
	rule block
	database /data/GeoLite.mmdb
	blockpage default.html
	country US JP
}

having that in your Caddyfile caddy will ignore any requests from United States or Japan to /notglobal or /secret and it will show default.html instead, blockpage is optional.

Using mutiple ipfilter blocks
ipfilter / {
	rule allow
	ip 32.55.3.10
}

ipfilter /webhook {
	rule allow
	ip 131.133.10
}

You can use as many ipfilter blocks as you please, the above says: block everyone but 32.55.3.10, Unless it falls in the range 131.133.10.0-131.133.10.255 and requesting a path in /webhook

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Setup 

func Setup(c *caddy.Controller) error

Setup parses the ipfilter configuration and returns the middleware handler.

Types

type ByLength 

type ByLength []string

ByLength sorts strings by length and alphabetically (if same length)

func (ByLength) Len 

func (s ByLength) Len() int

func (ByLength) Less 

func (s ByLength) Less(i, j int) bool

func (ByLength) Swap 

func (s ByLength) Swap(i, j int)

type IPFConfig 

type IPFConfig struct {
	Paths     []IPPath
	DBHandler *maxminddb.Reader // Database's handler if it gets opened.
}

IPFConfig holds the configuration for the ipfilter middleware.

type IPFilter 

type IPFilter struct {
	Next   httpserver.Handler
	Config IPFConfig
}

IPFilter is a middleware for filtering clients based on their ip or country's ISO code.

func (IPFilter) ServeHTTP 

func (ipf IPFilter) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error)

func (IPFilter) ShouldAllow 

func (ipf IPFilter) ShouldAllow(path IPPath, r *http.Request) (bool, string, error)

ShouldAllow takes a path and a request and decides if it should be allowed

type IPPath 

type IPPath struct {
	PathScopes   []string
	BlockPage    string
	CountryCodes []string
	Ranges       []Range
	IsBlock      bool
	Strict       bool
}

IPPath holds the configuration of a single ipfilter block.

type OnlyCountry 

type OnlyCountry struct {
	Country struct {
		ISOCode string `maxminddb:"iso_code"`
	} `maxminddb:"country"`
}

OnlyCountry is used to fetch only the country's code from 'mmdb'.

type Range 

type Range struct {
	// contains filtered or unexported fields
}

Range is a pair of two 'net.IP'.

func (Range) InRange 

func (rng Range) InRange(ip *net.IP) bool

InRange is a method of 'Range' takes a pointer to net.IP, returns true if in range, false otherwise.

type Status 

type Status struct {
	// contains filtered or unexported fields
}

Status is used to keep track of the status of the request.

func (*Status) Any 

func (s *Status) Any() bool

Any returns 'true' if we have a match on a country code or an IP in range.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.