Cavemanon/haproxy-protection
8
Fork 0
mirror of https://gitgud.io/fatchan/haproxy-protection.git synced 2025-05-09 02:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add suppoer for handling BAN requests

Browse Source
This commit is contained in:
Thomas Lynch
2024-11-13 21:08:23 +11:00
parent 174609313f
commit f2ad095874
1 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
varnish/default.vcl
View File

@ -15,16 +15,21 @@ acl purge_allowed {
# incoming requests # incoming requests
sub vcl_recv { sub vcl_recv {
# handle PURGE requests # handle PURGE and BAN requests
if (req.method == "PURGE" && req.http.X-BasedFlare-Varnish-Key == "changeme") { if ((req.method == "PURGE" || req.method == "BAN") && req.http.X-BasedFlare-Varnish-Key == "changeme") {
if (req.http.X-Forwarded-For) { if (req.http.X-Forwarded-For) {
set req.http.X-Real-IP = regsub(req.http.X-Forwarded-For, ",.*", ""); set req.http.X-Real-IP = regsub(req.http.X-Forwarded-For, ",.*", "");
} else { } else {
#set fallback to client ip # set fallback to client IP
set req.http.X-Real-IP = client.ip; set req.http.X-Real-IP = client.ip;
} }
if (std.ip(req.http.X-Real-IP, "0.0.0.0") ~ purge_allowed) { if (std.ip(req.http.X-Real-IP, "0.0.0.0") ~ purge_allowed) {
return (purge); #perform action based on the requestm ethod
if (req.method == "PURGE") {
return (purge);
} else if (req.method == "BAN") {
return (ban);
}
} else { } else {
return (synth(405, "Not allowed")); return (synth(405, "Not allowed"));
} }