traefik_plugin_geoblock

package module
v0.14.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 6, 2024 License: Apache-2.0 Imports: 8 Imported by: 0

README

traefik-plugin-geoblock

Build Status Go Report Card Latest GitHub release License

traefik-plugin-geoblock is a traefik plugin to allow or block requests based on geolocation

This projects includes IP2Location LITE data available from lite.ip2location.com.

Configuration

Static
Local
experimental:
  localPlugins:
    geoblock:
      moduleName: github.com/nscuro/traefik-plugin-geoblock
Pilot
pilot:
  token: "xxxxxxxxx"

experimental:
  plugins:
    geoblock:
      moduleName: github.com/nscuro/traefik-plugin-geoblock
      version: v0.5.0
Dynamic
http:
  middlewares:
    geoblock:
      plugin:
        geoblock:
          # Enable this plugin?
          enabled: true
          # Path to ip2location database file
          databaseFilePath: /plugins-local/src/github.com/nscuro/traefik-plugin-geoblock/IP2LOCATION-LITE-DB1.IPV6.BIN
          # Whitelist of countries to allow (ISO 3166-1 alpha-2)
          allowedCountries: [ "AT", "CH", "DE" ]
          # Blocklist of countries to block (ISO 3166-1 alpha-2)
          blockedCountries: [ "RU" ]
          # Default allow indicates that if an IP is in neither block list nor allow lists, it should be allowed.
          defaultAllow: false
          # Allow requests from private / internal networks?
          allowPrivate: true
          # HTTP status code to return for disallowed requests (default: 403)
          disallowedStatusCode: 204
          # Add CIDR to be whitelisted, even if in a non-allowed country
          allowedIPBlocks: ["66.249.64.0/19"]
          # Add CIDR to be blacklisted, even if in an allowed country or IP block
          blockedIPBlocks: ["66.249.64.5/32"]

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func New 

func New(_ context.Context, next http.Handler, cfg *Config, name string) (http.Handler, error)

New creates a new plugin instance.

Types

type Config 

type Config struct {
	Enabled              bool     // Enable this plugin?
	DatabaseFilePath     string   // Path to ip2location database file
	AllowedCountries     []string // Whitelist of countries to allow (ISO 3166-1 alpha-2)
	BlockedCountries     []string // Blocklist of countries to be blocked (ISO 3166-1 alpha-2)
	DefaultAllow         bool     // If source matches neither blocklist nor whitelist, should it be allowed through?
	AllowPrivate         bool     // Allow requests from private / internal networks?
	DisallowedStatusCode int      // HTTP status code to return for disallowed requests
	AllowedIPBlocks      []string // List of whitelist CIDR
	BlockedIPBlocks      []string // List of blocklisted CIDRs
}

Config defines the plugin configuration.

func CreateConfig 

func CreateConfig() *Config

CreateConfig creates the default plugin configuration.

type Plugin 

type Plugin struct {
	// contains filtered or unexported fields
}

func (Plugin) CheckAllowed 

func (p Plugin) CheckAllowed(ip string) (allow bool, country string, err error)

CheckAllowed checks whether a given IP address is allowed according to the configured allowed countries.

func (Plugin) GetRemoteIPs 

func (p Plugin) GetRemoteIPs(req *http.Request) []string

GetRemoteIPs collects the remote IPs from the X-Forwarded-For and X-Real-IP headers.

func (Plugin) Lookup 

func (p Plugin) Lookup(ip string) (string, error)

Lookup queries the ip2location database for a given IP address.

func (Plugin) ServeHTTP 

func (p Plugin) ServeHTTP(rw http.ResponseWriter, req *http.Request)

ServeHTTP implements the http.Handler interface.

Source Files

View all Source files

Directories

Path Synopsis
tools
dbdownload

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.