Skip to content

BFE mod_trust_clientip

mod_trust_clientip

Introduction

mod_trust_clientip checks the client IP of incoming request/connnection against trusted ip dictionary. If matched, the request/connection is marked as trusted.

Module Configuration

Description

conf/mod_trust_clientip/mod_trust_clientip.conf

Config Item	Description
Basic.DataPath	String Path of rule configuration

Example

[Basic]
DataPath = mod_trust_clientip/trust_client_ip.data

Rule Configuration

Description

conf/mod_trust_clientip/trust_client_ip.data

Config Item	Type	Description
Version	String	Version of config file
Config	Object	Trusted ip config
Config{k}	Struct	Label
Config{v}	String	A list of ip segments
Config{v}[]	Object	A ip segment
Config{v}[].Begin	String	Start ip address
Config{v}[].End	String	End ip address

Example

{
    "Version": "20190101000000",
    "Config": {
        "inner-idc": [
            {
                "Begin": "10.0.0.0",
                "End": "10.255.255.255"
            }
        ]
    }
}

Metrics

Metric	Description
CONN_ADDR_INTERNAL	Counter for connection from internal
CONN_ADDR_INTERNAL_NOT_TRUST	Counter for connection from internal and not trust
CONN_TOTAL	Counter for all connnetion checked
CONN_TRUST_CLIENTIP	Counter for connection from trust address