diff options
| author | Markus Heiser <markus.heiser@darmarit.de> | 2020-01-08 19:21:07 +0100 |
|---|---|---|
| committer | Markus Heiser <markus.heiser@darmarit.de> | 2020-01-08 19:21:07 +0100 |
| commit | 4139c63d23a1f4cc427eb428bcff0594c395c1c5 (patch) | |
| tree | 6f5f0165244194f17acb85914d5ae80e3fdd798e /utils/templates/etc | |
| parent | 28dacee28819ea2d24fd8ff6547fd3a175677084 (diff) | |
| download | searxng-4139c63d23a1f4cc427eb428bcff0594c395c1c5.tar.gz searxng-4139c63d23a1f4cc427eb428bcff0594c395c1c5.zip | |
utils/filtron.sh: add script to install filtron middleware
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
Diffstat (limited to 'utils/templates/etc')
| -rw-r--r-- | utils/templates/etc/filtron/rules.json | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/utils/templates/etc/filtron/rules.json b/utils/templates/etc/filtron/rules.json new file mode 100644 index 000000000..4a232388e --- /dev/null +++ b/utils/templates/etc/filtron/rules.json @@ -0,0 +1,56 @@ +[ + { + "name": "api limit", + "interval": 60, + "limit": 1000, + "filters": ["Path=^/api"], + "aggregations": ["Path"], + "actions": [ + {"name": "block"} + ], + "subrules": [ + { + "name": "drop put", + "interval": 60, + "limit": 100, + "filters": ["Method=PUT"], + "aggregations": ["Header:X-Forwarded-For"], + "actions": [ + {"name": "shell", + "params": {"cmd": "iptables -A INPUT -s %v -j DROP", "args": ["Header:X-Forwarded-For"]}} + ] + } + ] + }, + { + "name": "log'n'block rss", + "interval": 300, + "limit": 2500, + "filters": ["Path=^/$", "GET:format=rss"], + "actions": [ + {"name": "log"}, + {"name": "block"} + ] + }, + { + "name": "log rule", + "filters": ["Path=/"], + "actions": [ {"name": "log"} ], + "subrules": [ + { + "name": "block missing accept-language", + "filters": ["!Header:Accept-Language"], + "actions": [ + {"name": "block"} + ] + }, + { + "name": "block curl", + "filters": ["Header:User-Agent=[Cc]url"], + "actions": [ + {"name": "block"} + ] + } + ] + } +] |