Mercurial > prosody-modules
comparison mod_firewall/README.markdown @ 5650:0eb2d5ea2428
merge
| author | Stephen Paul Weber <singpolyma@singpolyma.net> |
|---|---|
| date | Sat, 06 May 2023 19:40:23 -0500 |
| parents | d0d251abf595 |
| children | e8f46195b292 |
comparison
equal
deleted
inserted
replaced
| 5649:2c69577b28c2 | 5650:0eb2d5ea2428 |
|---|---|
| 603 # An action with a parameter: | 603 # An action with a parameter: |
| 604 REPLY=Hello, this is a reply. | 604 REPLY=Hello, this is a reply. |
| 605 | 605 |
| 606 ### Route modification | 606 ### Route modification |
| 607 | 607 |
| 608 The most common actions modify the stanza's route in some way. Currently | 608 The following common actions modify the stanza's route in some way. These |
| 609 the first matching rule to do so will halt further processing of actions | 609 rules will halt further processing of the stanza - no further actions will be |
| 610 and rules (this may change in the future). | 610 executed, and no further rules will be checked. |
| 611 | 611 |
| 612 Action Description | 612 Action Description |
| 613 ----------------------- --------------------------------------------------------------------------------------------------------------------------------------------------------- | 613 ----------------------- --------------------------------------------------------------------------------------------------------------------------------------------------------- |
| 614 `PASS.` Stop executing actions and rules on this stanza, and let it through this chain and any calling chains. | 614 `PASS.` Stop executing actions and rules on this stanza, and let it through this chain and any calling chains. |
| 615 `DROP.` Stop executing actions and rules on this stanza, and discard it. | 615 `DROP.` Stop executing actions and rules on this stanza, and discard it. |
| 616 `DEFAULT.` Stop executing actions and rules on this stanza, prevent any other scripts/modules from handling it, to trigger the appropriate default "unhandled stanza" behaviour. Do not use in custom chains (it is treated as PASS). | 616 `DEFAULT.` Stop executing actions and rules on this stanza, prevent any other scripts/modules from handling it, to trigger the appropriate default "unhandled stanza" behaviour. Do not use in custom chains (it is treated as PASS). |
| 617 `REDIRECT=jid` Redirect the stanza to the given JID. | 617 `REDIRECT=jid` Redirect the stanza to the given JID. |
| 618 `REPLY=text` Reply to the stanza (assumed to be a message) with the given text. | |
| 619 `BOUNCE.` Bounce the stanza with the default error (usually service-unavailable) | 618 `BOUNCE.` Bounce the stanza with the default error (usually service-unavailable) |
| 620 `BOUNCE=error` Bounce the stanza with the given error (MUST be a defined XMPP stanza error, see [RFC6120](http://xmpp.org/rfcs/rfc6120.html#stanzas-error-conditions). | 619 `BOUNCE=error` Bounce the stanza with the given error (MUST be a defined XMPP stanza error, see [RFC6120](http://xmpp.org/rfcs/rfc6120.html#stanzas-error-conditions). |
| 621 `BOUNCE=error (text)` As above, but include the supplied human-readable text with a description of the error | 620 `BOUNCE=error (text)` As above, but include the supplied human-readable text with a description of the error |
| 622 `COPY=jid` Make a copy of the stanza and send the copy to the specified JID. The copied stanza flows through Prosody's routing code, and as such is affected by firewall rules. Be careful to avoid loops. | |
| 623 `FORWARD=jid` Forward a copy of the stanza to the given JID (using XEP-0297). The stanza will be sent from the current host's JID. | |
| 624 | 621 |
| 625 **Note:** It is incorrect behaviour to reply to an 'error' stanza with another error, so BOUNCE will simply act the same as 'DROP' for stanzas that should not be bounced (error stanzas and iq results). | 622 **Note:** It is incorrect behaviour to reply to an 'error' stanza with another error, so BOUNCE will simply act the same as 'DROP' for stanzas that should not be bounced (error stanzas and iq results). |
| 623 | |
| 624 ### Replying and forwarding | |
| 625 | |
| 626 These actions cause a new stanza to be generated and sent somewhere. | |
| 627 Processing of the original stanza will continue beyond these actions. | |
| 628 | |
| 629 Action Description | |
| 630 ------------------------ --------------------------------------------------------------------------------------------------------------------------------------------------------- | |
| 631 `REPLY=text` Reply to the stanza (assumed to be a message) with the given text. | |
| 632 `COPY=jid` Make a copy of the stanza and send the copy to the specified JID. The copied stanza flows through Prosody's routing code, and as such is affected by firewall rules. Be careful to avoid loops. | |
| 633 `FORWARD=jid` Forward a copy of the stanza to the given JID (using XEP-0297). The stanza will be sent from the current host's JID. | |
| 634 | |
| 635 ### Reporting | |
| 636 | |
| 637 Action Description | |
| 638 ------------------------ --------------------------------------------------------------------------------------------------------------------------------------------------------- | |
| 639 `REPORT=jid reason text` Forwards the full stanza to `jid` with a XEP-0377 abuse report attached. | |
| 640 | |
| 641 Only the `jid` is mandatory. The `reason` parameter should be either `abuse`, `spam` or a custom URI. If not specified, it defaults to `abuse`. | |
| 642 After the reason, some human-readable text may be included to explain the report. | |
| 643 | |
| 644 Example: | |
| 645 | |
| 646 ``` | |
| 647 KIND: message | |
| 648 TO: honeypot@example.com | |
| 649 REPORT TO=antispam.example.com spam Caught by the honeypot! | |
| 650 DROP. | |
| 651 ``` | |
| 626 | 652 |
| 627 ### Stanza modification | 653 ### Stanza modification |
| 628 | 654 |
| 629 These actions make it possible to modify the content and structure of a | 655 These actions make it possible to modify the content and structure of a |
| 630 stanza. | 656 stanza. |