diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-03-09 13:19:48 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-03-09 13:20:02 +0000 |
| commit | 58daab21cd043e1dc37024a7f99b396788372918 (patch) | |
| tree | 96771e43bb69f7c1c2b0b4f7374cb74d7866d0cb /fluent-bit/lib/monkey/plugins/mandril/conf | |
| parent | Releasing debian version 1.43.2-1. (diff) | |
| download | netdata-58daab21cd043e1dc37024a7f99b396788372918.tar.xz netdata-58daab21cd043e1dc37024a7f99b396788372918.zip | |
Merging upstream version 1.44.3.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'fluent-bit/lib/monkey/plugins/mandril/conf')
| -rw-r--r-- | fluent-bit/lib/monkey/plugins/mandril/conf/CMakeLists.txt | 9 | ||||
| -rw-r--r-- | fluent-bit/lib/monkey/plugins/mandril/conf/mandril.conf | 57 |
2 files changed, 66 insertions, 0 deletions
diff --git a/fluent-bit/lib/monkey/plugins/mandril/conf/CMakeLists.txt b/fluent-bit/lib/monkey/plugins/mandril/conf/CMakeLists.txt new file mode 100644 index 000000000..44e95175c --- /dev/null +++ b/fluent-bit/lib/monkey/plugins/mandril/conf/CMakeLists.txt @@ -0,0 +1,9 @@ +set(conf_dir "${MK_PATH_CONF}/plugins/mandril/") + +install(DIRECTORY DESTINATION ${conf_dir}) + +if(BUILD_LOCAL) + file(COPY mandril.conf DESTINATION ${conf_dir}) +else() + install(FILES mandril.conf DESTINATION ${conf_dir}) +endif() diff --git a/fluent-bit/lib/monkey/plugins/mandril/conf/mandril.conf b/fluent-bit/lib/monkey/plugins/mandril/conf/mandril.conf new file mode 100644 index 000000000..efeaf5d9a --- /dev/null +++ b/fluent-bit/lib/monkey/plugins/mandril/conf/mandril.conf @@ -0,0 +1,57 @@ +# Monkey HTTP Daemon - Mandril +# ============================ +# Mandril Plugin provide security rules to be applied to the incomming +# connections. If the client is rejected by some rule, it will get the +# 403 Forbidden error status. +# +# It supports two restriction modes, by request URI and by IP (or network +# range), make sure all your rules are defined under the section [RULES]: +# +# a) Restriction by request URI: +# +# You can define multiple keywords to restrict a specific incoming +# request which hold that string. Check this example: +# +# [RULES] +# URL documents +# URL pictures +# URL /private +# +# b) Restriction by IP or network range: +# +# Multiple rules can be defined to deny the access to specific incoming +# clients: +# +# [RULES] +# IP 10.20.1.1/24 +# IP 192.168.3.150 +# +# In the first rule we are blocking a range of IPs from 10.20.1.1 to +# 10.20.1.255. In the second example just one specific IP address. +# +# It also supports denying hotlinking from other domains. +# +# c) +# +# [RULES] +# deny_hotlink /imgs +# +# This rule will prevent access to all files under /imgs if the +# request's Referer header is not from the same domain or its +# subdomains. +# If the Referer header is missing, the request will be accepted. +# +# You can mix the rules type under the [RULE] section, so the following example +# is totally valid: +# +# [RULES] +# URL documents +# URL pictures +# URL /private +# IP 10.20.1.1/24 +# IP 192.168.3.150 +# + +[RULES] + # IP 127.0.0.1 + # URL /imgs |