annotate mod_host_blacklist/mod_host_blacklist.lua @ 2370:5fe483b73fd2

mod_firewall: Rate limiting: Document 'entries' and add option to allow overflowing when full
author Matthew Wild <mwild1@gmail.com>
date Tue, 15 Nov 2016 21:55:12 +0000
parents 547b3c05cc06
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1180
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 local jid_split = require "util.jid".split;
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 local st = require "util.stanza";
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 local set = require "util.set";
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 local select = select;
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 local blacklist = module:get_option_inherited_set("host_blacklist", {});
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 local function stanza_checker(attr)
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9 return function (event)
1181
005b0429cf46 mod_host_blacklist: Small fix
Matthew Wild <mwild1@gmail.com>
parents: 1180
diff changeset
10 local host = select(2, jid_split(event.stanza.attr[attr]));
1180
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11 if blacklist:contains(host) then
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 module:send(st.error_reply(event.stanza, "cancel", "not-allowed", "Communication with this domain is restricted"));
1182
547b3c05cc06 mod_host_blacklist: Bigger fix: return true to block original stanza (thanks Zash)
Matthew Wild <mwild1@gmail.com>
parents: 1181
diff changeset
13 return true;
1180
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14 end
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 end
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16 end
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 check_incoming_stanza = stanza_checker("from");
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 check_outgoing_stanza = stanza_checker("to");
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 for stanza_type in set.new{"presence","message","iq"}:items() do
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22 for jid_type in set.new{"bare", "full", "host"}:items() do
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 module:hook("pre-"..stanza_type.."/"..jid_type, check_outgoing_stanza, 500);
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 module:hook(stanza_type.."/"..jid_type, check_incoming_stanza, 500);
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 end
513aa2e0c045 mod_host_blacklist: Similar to mod_s2s_blacklist, but stanza-based. Works between hosts on the same server, at a slight performance impact.
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
26 end