Skip to content

mod_trust_clientip

Introduction

mod_trust_clientip checkes the client IP of incoming request/connnection against trusted ip dictionary. If matched, the request/connection is marked as trusted.

Module Configuration

Description

conf/mod_trust_clientip/mod_trust_clientip.conf

Config Item Description
Basic.DataPath String
Path of rule configuraiton

Example

[Basic]
DataPath = mod_trust_clientip/trust_client_ip.data

Rule Configuraiton

Description

conf/mod_trust_clientip/trust_client_ip.data

Config Item Type Description
Version String Verson of config file
Config Object Trusted ip config
Config{k} Struct Label
Config{v} String A list of ip segments
Config{v}[] Object A ip segment
Config{v}[].Begin String Start ip address
Config{v}[].End String End ip address

Example

{
    "Version": "20190101000000",
    "Config": {
        "inner-idc": [
            {
                "Begin": "10.0.0.0",
                "End": "10.255.255.255"
            }
        ]
    }
}

Metrics

Metric Description
CONN_ADDR_INTERNAL Counter for connection from internal
CONN_ADDR_INTERNAL_NOT_TRUST Counter for connection from internal and not trust
CONN_TOTAL Counter for all connnetion checked
CONN_TRUST_CLIENTIP Counter for connnection from trust address