Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Firewall ¶
type Firewall struct {
// [required] url of the iprepd instance to use
IPrepdURL string
// [required] auth string to authenticate against iprepd
IPrepdAuthStr string
// [required] reject any ip with reputation below this score
RejectBelowScore int
// optionally add IPs you wish to unconditionally allow
Whitelist []net.IP
// optionally log all dropped http requests
LogBlocked bool
// optionally allow any request if there was a problem reaching iprepd
FailOpen bool
// optionally use non-default http client settings
HTTPClient *http.Client
}
Firewall is a software defined firewall for HTTP servers. It uses Reputation entries from a trusted iprepd instance and built-in configuration parameters in order to determine whether an HTTP request should be served or not given the request's source ip address
func (*Firewall) Wrap ¶
Wrap the firewall around an HTTP handler. The returned http.Handler will only serve requests from IPs which satisfy one or more of the following:
- the IP is included in the Firewall's whitelist
- the IP does not have an entry in iprepd (implying no violations)
- the IP has an entry in iprepd with a score above RejectBelowScore
Source Files
Click to show internal directories.
Click to hide internal directories.