summaryrefslogtreecommitdiff
path: root/utils/templates/etc
diff options
context:
space:
mode:
Diffstat (limited to 'utils/templates/etc')
-rw-r--r--utils/templates/etc/filtron/rules.json56
1 files changed, 56 insertions, 0 deletions
diff --git a/utils/templates/etc/filtron/rules.json b/utils/templates/etc/filtron/rules.json
new file mode 100644
index 000000000..4a232388e
--- /dev/null
+++ b/utils/templates/etc/filtron/rules.json
@@ -0,0 +1,56 @@
+[
+ {
+ "name": "api limit",
+ "interval": 60,
+ "limit": 1000,
+ "filters": ["Path=^/api"],
+ "aggregations": ["Path"],
+ "actions": [
+ {"name": "block"}
+ ],
+ "subrules": [
+ {
+ "name": "drop put",
+ "interval": 60,
+ "limit": 100,
+ "filters": ["Method=PUT"],
+ "aggregations": ["Header:X-Forwarded-For"],
+ "actions": [
+ {"name": "shell",
+ "params": {"cmd": "iptables -A INPUT -s %v -j DROP", "args": ["Header:X-Forwarded-For"]}}
+ ]
+ }
+ ]
+ },
+ {
+ "name": "log'n'block rss",
+ "interval": 300,
+ "limit": 2500,
+ "filters": ["Path=^/$", "GET:format=rss"],
+ "actions": [
+ {"name": "log"},
+ {"name": "block"}
+ ]
+ },
+ {
+ "name": "log rule",
+ "filters": ["Path=/"],
+ "actions": [ {"name": "log"} ],
+ "subrules": [
+ {
+ "name": "block missing accept-language",
+ "filters": ["!Header:Accept-Language"],
+ "actions": [
+ {"name": "block"}
+ ]
+ },
+ {
+ "name": "block curl",
+ "filters": ["Header:User-Agent=[Cc]url"],
+ "actions": [
+ {"name": "block"}
+ ]
+ }
+ ]
+ }
+]
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-16 21:03:49 +0000