deblan-mirror/reaction
1
0
Fork 0
mirror of https://framagit.org/ppom/reaction synced 2024-05-30 07:02:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add banFor snippet to jsonnet example

Browse source
This commit is contained in:
ppom 2024-01-08 12:00:00 +01:00
parent e1ff702cd1
commit bc13342e06
1 changed files with 13 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
config/example.jsonnet
View file

@ -8,6 +8,17 @@ local iptables(args) = ['ip46tables', '-w'] + args;
// ip46tables is a minimal C program (only POSIX dependencies) present in a subdirectory of this repo.
// it permits to handle both ipv4/iptables and ipv6/ip6tables commands
// See meaning and usage of this function around L106
local banFor(time) = {
ban: {
cmd: iptables(['-A', 'reaction', '-s', '<ip>', '-j', 'DROP']),
},
unban: {
after: time,
cmd: iptables(['-D', 'reaction', '-s', '<ip>', '-j', 'DROP']),
},
};
{
// patterns are substitued in regexes.
// when a filter performs an action, it replaces the found pattern
@ -91,6 +102,8 @@ local iptables(args) = ['ip46tables', '-w'] + args;
// (with the stop commands)
},
},
// or use the banFor function defined at the beginning!
// actions: banFor('48h'),
},
},
},