Mercurial > prosody-modules
comparison mod_firewall/README.markdown @ 4152:87daef9ed4e7
Improve mod_firewall readme
| author | Christian Weiske <cweiske@cweiske.de> |
|---|---|
| date | Mon, 21 Sep 2020 21:57:25 +0200 |
| parents | e9e10ec1b91c |
| children | ae738969f38a |
comparison
equal
deleted
inserted
replaced
| 4149:bb60db2b2cd1 | 4152:87daef9ed4e7 |
|---|---|
| 65 | 65 |
| 66 firewall_scripts = { "path/to/ruleset.pfw", "path/to/ruleset2.pfw" } | 66 firewall_scripts = { "path/to/ruleset.pfw", "path/to/ruleset2.pfw" } |
| 67 | 67 |
| 68 If multiple files are specified and they both add rules to the same chains, | 68 If multiple files are specified and they both add rules to the same chains, |
| 69 each file's rules will be processed in order, but the order of files is undefined. | 69 each file's rules will be processed in order, but the order of files is undefined. |
| 70 | |
| 71 Reloading Prosody's configuration also reloads firewall rules. | |
| 72 | |
| 73 Make sure that `firewall_scripts` is in the global section of the configuration file | |
| 74 and not below a virtual host or a component - unless you want per-vhost | |
| 75 firewall rules. | |
| 70 | 76 |
| 71 Conditions | 77 Conditions |
| 72 ---------- | 78 ---------- |
| 73 | 79 |
| 74 All conditions must come before any action in a rule block. The | 80 All conditions must come before any action in a rule block. The |
| 585 | 591 |
| 586 Action Description | 592 Action Description |
| 587 --------------- ------------------------------------------------------------------------------------------------------------------------ | 593 --------------- ------------------------------------------------------------------------------------------------------------------------ |
| 588 `LOG=message` Logs the given message to Prosody's log file. Optionally prefix it with a log level in square brackets, e.g. `[debug]` | 594 `LOG=message` Logs the given message to Prosody's log file. Optionally prefix it with a log level in square brackets, e.g. `[debug]` |
| 589 | 595 |
| 590 You can include expressions in log messages, using `$(...)` syntax. For example, to log the stanza that matched the rule, you can use $(stanza), | 596 You can include expressions in log messages, using `$(...)` syntax. For example, to log the stanza that matched the rule, you can use `$(stanza)`, |
| 591 or to log just the top tag of the stanza, use $(stanza:top_tag()). | 597 or to log just the top tag of the stanza, use `$(stanza:top_tag())`. |
| 598 To fetch the sender JID, use `$(stanza.attr.from)`. | |
| 592 | 599 |
| 593 Example: | 600 Example: |
| 594 | 601 |
| 595 # Log all stanzas to user@example.com: | 602 # Log all stanzas to user@example.com: |
| 596 TO: user@example.com | 603 TO: user@example.com |