diff options
Diffstat (limited to 'src/fluent-bit/lib/monkey/plugins/mandril/conf')
-rw-r--r-- | src/fluent-bit/lib/monkey/plugins/mandril/conf/CMakeLists.txt | 9 | ||||
-rw-r--r-- | src/fluent-bit/lib/monkey/plugins/mandril/conf/mandril.conf | 57 |
2 files changed, 66 insertions, 0 deletions
diff --git a/src/fluent-bit/lib/monkey/plugins/mandril/conf/CMakeLists.txt b/src/fluent-bit/lib/monkey/plugins/mandril/conf/CMakeLists.txt new file mode 100644 index 000000000..44e95175c --- /dev/null +++ b/src/fluent-bit/lib/monkey/plugins/mandril/conf/CMakeLists.txt @@ -0,0 +1,9 @@ +set(conf_dir "${MK_PATH_CONF}/plugins/mandril/") + +install(DIRECTORY DESTINATION ${conf_dir}) + +if(BUILD_LOCAL) + file(COPY mandril.conf DESTINATION ${conf_dir}) +else() + install(FILES mandril.conf DESTINATION ${conf_dir}) +endif() diff --git a/src/fluent-bit/lib/monkey/plugins/mandril/conf/mandril.conf b/src/fluent-bit/lib/monkey/plugins/mandril/conf/mandril.conf new file mode 100644 index 000000000..efeaf5d9a --- /dev/null +++ b/src/fluent-bit/lib/monkey/plugins/mandril/conf/mandril.conf @@ -0,0 +1,57 @@ +# Monkey HTTP Daemon - Mandril +# ============================ +# Mandril Plugin provide security rules to be applied to the incomming +# connections. If the client is rejected by some rule, it will get the +# 403 Forbidden error status. +# +# It supports two restriction modes, by request URI and by IP (or network +# range), make sure all your rules are defined under the section [RULES]: +# +# a) Restriction by request URI: +# +# You can define multiple keywords to restrict a specific incoming +# request which hold that string. Check this example: +# +# [RULES] +# URL documents +# URL pictures +# URL /private +# +# b) Restriction by IP or network range: +# +# Multiple rules can be defined to deny the access to specific incoming +# clients: +# +# [RULES] +# IP 10.20.1.1/24 +# IP 192.168.3.150 +# +# In the first rule we are blocking a range of IPs from 10.20.1.1 to +# 10.20.1.255. In the second example just one specific IP address. +# +# It also supports denying hotlinking from other domains. +# +# c) +# +# [RULES] +# deny_hotlink /imgs +# +# This rule will prevent access to all files under /imgs if the +# request's Referer header is not from the same domain or its +# subdomains. +# If the Referer header is missing, the request will be accepted. +# +# You can mix the rules type under the [RULE] section, so the following example +# is totally valid: +# +# [RULES] +# URL documents +# URL pictures +# URL /private +# IP 10.20.1.1/24 +# IP 192.168.3.150 +# + +[RULES] + # IP 127.0.0.1 + # URL /imgs |