Mercurial > prosody-wiki
comparison mod_host_guard.wiki @ 282:caffa894b070
Add table of config options with descriptions
author | MWild1@gmail.com |
---|---|
date | Sat, 26 May 2012 21:13:49 +0000 |
parents | a0d014edd8df |
children | 528721aaea46 |
comparison
equal
deleted
inserted
replaced
281:a0d014edd8df | 282:caffa894b070 |
---|---|
13 And add it between your enabled modules into the global section (modules_enabled): | 13 And add it between your enabled modules into the global section (modules_enabled): |
14 | 14 |
15 * The plugin can work either by blocking all remote access (s2s) to a certain resource with optional exceptions (useful for components) | 15 * The plugin can work either by blocking all remote access (s2s) to a certain resource with optional exceptions (useful for components) |
16 * Or by selectively blocking certain remote hosts through blacklisting (by using host_guard_selective and host_guard_blacklisting) | 16 * Or by selectively blocking certain remote hosts through blacklisting (by using host_guard_selective and host_guard_blacklisting) |
17 | 17 |
18 Module configuration syntax: | 18 = Configuration = |
19 | |
20 || *Option name* || *Description* || | |
21 || host_guard_blockall || A list of local hosts to protect from incoming s2s || | |
22 || host_guard_blockall_exceptions || A list of remote hosts that are always allowed to access hosts listed in host_guard_blockall || | |
23 || host_guard_selective || A list of local hosts to allow selective filtering (blacklist) of incoming s2s connections || | |
24 || host_guard_blacklist || A blacklist of remote hosts that are not allowed to access hosts listed in host_guard_selective || | |
25 | |
26 == Example == | |
19 <code language="lua"> | 27 <code language="lua"> |
20 host_guard_blockall = { "no_access.yourhost.com", "no_access2.yourhost.com" } -- insert here the local hosts where you want to forbid all remote traffic to. | 28 host_guard_blockall = { "no_access.yourhost.com", "no_access2.yourhost.com" } -- insert here the local hosts where you want to forbid all remote traffic to. |
21 host_guard_blockall_exceptions = { "i_can_access.no_access.yourhost.com" } -- optional exceptions for the above. | 29 host_guard_blockall_exceptions = { "i_can_access.no_access.yourhost.com" } -- optional exceptions for the above. |
22 host_guard_selective = { "no_access_from_blsted.myhost.com", "no_access_from_blsted.mycomponent.com" } -- insert here the local hosts where you want to employ blacklisting. | 30 host_guard_selective = { "no_access_from_blsted.myhost.com", "no_access_from_blsted.mycomponent.com" } -- insert here the local hosts where you want to employ blacklisting. |
23 host_guard_blacklist = { "remoterogueserver.com", "remoterogueserver2.com" } -- above option/mode mandates the use of a blacklist, you may blacklist remote servers here. | 31 host_guard_blacklist = { "remoterogueserver.com", "remoterogueserver2.com" } -- above option/mode mandates the use of a blacklist, you may blacklist remote servers here. |