trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Moseley <moseleym...@gmail.com>
Subject Re: Get Origin IP in Lua
Date Sun, 01 Feb 2015 05:50:20 GMT
The ts.server_request.server_addr.get_addr() patch patches just fine
against 5.2.0 (or at least the .c files do; I didn't try the CHANGES
or ts_lua.en.rst files) and is *exactly* what I was looking for.

Now with a hook into TS_LUA_HOOK_OS_DNS, I can check the backend IP and
return a 403 via ts.server_intercept (though I'll take any advice on the
most efficient hook and most efficient way of doing the 403 -- I was also
setting the status manually and returning 1 from the hook previously, but I
don't think that gets cached).

Thanks!


On Tue, Jan 13, 2015 at 1:09 AM, Luca Rea <luca.rea@contactlab.com> wrote:

> Hi,
> I’ve compiled ATS to run as “ats” user (uid: 501) and configured iptables
> to filter origin IPs:
>
>
> -A OUTPUT -m tcp -p tcp ! --sport 8080 -m owner --uid-owner 501 -d
> 172.16.0.0/12  -j REJECT
>

Mime
View raw message