trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Miles Libbey <mlib...@apache.org>
Subject Re: ATS Access control
Date Fri, 18 Nov 2016 19:27:24 GMT
You can also use the ip_allow configs inside a remap rule -- like:

map http://inbound.example.com http://origin.example.com \
      @src_ip=10.0.0.0-10.255.255.255 \
      @action=allow

or

map http://inbound.example.com http://origin.example.com \
       @action=deny @method=CONNECT @method=POST @method=PUT @method=DELETE

On Fri, Nov 18, 2016 at 10:51 AM, Alan Carroll
<solidwallofcode@yahoo-inc.com> wrote:
> It's certainly possible to do in a custom plugin. I'm working on one right
> now, actually, to do that, although it's unfortunately proprietary.
>
> Another way to consider is to use map or regex_remap in remap.config to map
> all requests to a domain to an error page.
>
> The standard header-rewrite plugin might work as well, by setting the return
> code.
>
>
> On Friday, November 18, 2016 11:51 AM, Di Li <di_li@apple.com> wrote:
>
>
> Hi,
>
> Question for Access control, I see there’s ip_allow.config, where we can
> define source ip and destination IP, as well as HTTP method.
>
> Is there a way to support domain based filter like @xxx.com may be not in
> this ip_allow but in other config or plugins ?
>
>
> Thanks,
> Di Li
>
>
>

Mime
View raw message