mirror
/
Enterprise-Onion-Toolkit
kopia lustrzana https://github.com/alecmuffett/eotk
1
0
Forkuj 0
Kod Zgłoszenia Projekty Wydania Wiki Aktywność
Enterprise-Onion-Toolkit/templates.d/nginx-generated-blocks.conf

378 wiersze
11 KiB
Awk
Czysty Bezpośredni odnośnik Wina Historia

# ---- BEGIN CODE GENERATED BY ../lib.d/generate-bw-code.pl ---- -*- awk -*-
# blacklists (generated)
%%IF %USER_AGENT_BLACKLIST%
# check user_agent_blacklist (generated)
%%CSV %USER_AGENT_BLACKLIST%
if ( $http_user_agent = "%0%" ) { %NGINX_ACTION_ABORT%; }
%%ENDCSV
%%ELSE
# no user_agent_blacklist
%%ENDIF
%%IF %USER_AGENT_BLACKLIST_RE%
# check user_agent_blacklist_re (generated)
%%CSV %USER_AGENT_BLACKLIST_RE%
if ( $http_user_agent ~* "%0%" ) { %NGINX_ACTION_ABORT%; }
%%ENDCSV
%%ELSE
# no user_agent_blacklist_re
%%ENDIF
%%IF %REFERER_BLACKLIST%
# check referer_blacklist (generated)
%%CSV %REFERER_BLACKLIST%
if ( $http_referer = "%0%" ) { %NGINX_ACTION_ABORT%; }
%%ENDCSV
%%ELSE
# no referer_blacklist
%%ENDIF
%%IF %REFERER_BLACKLIST_RE%
# check referer_blacklist_re (generated)
%%CSV %REFERER_BLACKLIST_RE%
if ( $http_referer ~* "%0%" ) { %NGINX_ACTION_ABORT%; }
%%ENDCSV
%%ELSE
# no referer_blacklist_re
%%ENDIF
%%IF %ORIGIN_BLACKLIST%
# check origin_blacklist (generated)
%%CSV %ORIGIN_BLACKLIST%
if ( $http_origin = "%0%" ) { %NGINX_ACTION_ABORT%; }
%%ENDCSV
%%ELSE
# no origin_blacklist
%%ENDIF
%%IF %ORIGIN_BLACKLIST_RE%
# check origin_blacklist_re (generated)
%%CSV %ORIGIN_BLACKLIST_RE%
if ( $http_origin ~* "%0%" ) { %NGINX_ACTION_ABORT%; }
%%ENDCSV
%%ELSE
# no origin_blacklist_re
%%ENDIF
%%IF %HOST_BLACKLIST%
# check host_blacklist (generated)
%%CSV %HOST_BLACKLIST%
if ( $http_host = "%0%" ) { %NGINX_ACTION_ABORT%; }
%%ENDCSV
%%ELSE
# no host_blacklist
%%ENDIF
%%IF %HOST_BLACKLIST_RE%
# check host_blacklist_re (generated)
%%CSV %HOST_BLACKLIST_RE%
if ( $http_host ~* "%0%" ) { %NGINX_ACTION_ABORT%; }
%%ENDCSV
%%ELSE
# no host_blacklist_re
%%ENDIF
%%IF %PATH_BLACKLIST%
# check path_blacklist (generated)
%%CSV %PATH_BLACKLIST%
if ( $uri = "%0%" ) { %NGINX_ACTION_ABORT%; }
%%ENDCSV
%%ELSE
# no path_blacklist
%%ENDIF
%%IF %PATH_BLACKLIST_RE%
# check path_blacklist_re (generated)
%%CSV %PATH_BLACKLIST_RE%
if ( $uri ~* "%0%" ) { %NGINX_ACTION_ABORT%; }
%%ENDCSV
%%ELSE
# no path_blacklist_re
%%ENDIF
%%IF %PARAM_BLACKLIST%
# check param_blacklist (generated)
%%CSV %PARAM_BLACKLIST%
if ( $arg_%1% = "%2%" ) { %NGINX_ACTION_ABORT%; }
%%ENDCSV
%%ELSE
# no param_blacklist
%%ENDIF
%%IF %PARAM_BLACKLIST_RE%
# check param_blacklist_re (generated)
%%CSV %PARAM_BLACKLIST_RE%
if ( $arg_%1% ~* "%2%" ) { %NGINX_ACTION_ABORT%; }
%%ENDCSV
%%ELSE
# no param_blacklist_re
%%ENDIF
# polite blocks (generated)
%%IF %SUPPRESS_TOR2WEB%
# polite block for suppress_tor2web (generated)
%%CSV %SUPPRESS_TOR2WEB%
if ( $http_x_tor2web ) { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no suppress_tor2web
%%ENDIF
%%IF %BLOCK_USER_AGENT%
# polite block for block_user_agent (generated)
%%CSV %BLOCK_USER_AGENT%
if ( $http_user_agent = "%0%" ) { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no block_user_agent
%%ENDIF
%%IF %BLOCK_USER_AGENT_RE%
# polite block for block_user_agent_re (generated)
%%CSV %BLOCK_USER_AGENT_RE%
if ( $http_user_agent ~* "%0%" ) { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no block_user_agent_re
%%ENDIF
%%IF %BLOCK_REFERER%
# polite block for block_referer (generated)
%%CSV %BLOCK_REFERER%
if ( $http_referer = "%0%" ) { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no block_referer
%%ENDIF
%%IF %BLOCK_REFERER_RE%
# polite block for block_referer_re (generated)
%%CSV %BLOCK_REFERER_RE%
if ( $http_referer ~* "%0%" ) { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no block_referer_re
%%ENDIF
%%IF %BLOCK_ORIGIN%
# polite block for block_origin (generated)
%%CSV %BLOCK_ORIGIN%
if ( $http_origin = "%0%" ) { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no block_origin
%%ENDIF
%%IF %BLOCK_ORIGIN_RE%
# polite block for block_origin_re (generated)
%%CSV %BLOCK_ORIGIN_RE%
if ( $http_origin ~* "%0%" ) { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no block_origin_re
%%ENDIF
%%IF %BLOCK_HOST%
# polite block for block_host (generated)
%%CSV %BLOCK_HOST%
if ( $http_host = "%0%" ) { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no block_host
%%ENDIF
%%IF %BLOCK_HOST_RE%
# polite block for block_host_re (generated)
%%CSV %BLOCK_HOST_RE%
if ( $http_host ~* "%0%" ) { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no block_host_re
%%ENDIF
%%IF %BLOCK_PATH%
# polite block for block_path (generated)
%%CSV %BLOCK_PATH%
if ( $uri = "%0%" ) { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no block_path
%%ENDIF
%%IF %BLOCK_PATH_RE%
# polite block for block_path_re (generated)
%%CSV %BLOCK_PATH_RE%
if ( $uri ~* "%0%" ) { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no block_path_re
%%ENDIF
%%IF %BLOCK_LOCATION%
# polite block for block_location (generated)
%%CSV %BLOCK_LOCATION%
location %0% { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no block_location
%%ENDIF
%%IF %BLOCK_LOCATION_RE%
# polite block for block_location_re (generated)
%%CSV %BLOCK_LOCATION_RE%
location ~* "%0%" { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no block_location_re
%%ENDIF
%%IF %BLOCK_PARAM%
# polite block for block_param (generated)
%%CSV %BLOCK_PARAM%
if ( $arg_%1% = "%2%" ) { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no block_param
%%ENDIF
%%IF %BLOCK_PARAM_RE%
# polite block for block_param_re (generated)
%%CSV %BLOCK_PARAM_RE%
if ( $arg_%1% ~* "%2%" ) { return 403 "%BLOCK_ERR%"; }
%%ENDCSV
%%ELSE
# no block_param_re
%%ENDIF
# redirects (generated)
%%IF %REDIRECT_HOST%
# redirect redirect_host: 1=regexp,2=code,3=dest (REQUEST_URI will be appended) (generated)
%%CSV %REDIRECT_HOST%
if ( $host ~* "%1%" ) {
set $dont_onionify_response_headers 1; # dest URL must not be rewritten, prevent loops; cookies may migrate.
return %2% %3%$request_uri;
}
%%ENDCSV
%%ELSE
# no redirect_host
%%ENDIF
%%IF %REDIRECT_PATH%
# redirect redirect_path: 1=regexp,2=code,3=dest (REQUEST_URI will be appended) (generated)
%%CSV %REDIRECT_PATH%
if ( $uri ~* "%1%" ) {
return %2% %3%$request_uri;
}
%%ENDCSV
%%ELSE
# no redirect_path
%%ENDIF
%%IF %REDIRECT_FIXED_HOST%
# fixed_redirect redirect_fixed_host: 1=regexp,2=code,3=dest (REQUEST_URI will NOT be appended) (generated)
%%CSV %REDIRECT_FIXED_HOST%
if ( $host ~* "%1%" ) {
set $dont_onionify_response_headers 1; # dest URL must not be rewritten, prevent loops; cookies may migrate.
return %2% %3%;
}
%%ENDCSV
%%ELSE
# no redirect_fixed_host
%%ENDIF
%%IF %REDIRECT_FIXED_PATH%
# fixed_redirect redirect_fixed_path: 1=regexp,2=code,3=dest (REQUEST_URI will NOT be appended) (generated)
%%CSV %REDIRECT_FIXED_PATH%
if ( $uri ~* "%1%" ) {
return %2% %3%;
}
%%ENDCSV
%%ELSE
# no redirect_fixed_path
%%ENDIF
# whitelists (generated)
%%IF %USER_AGENT_WHITELIST%
# check user_agent_whitelist (generated)
set $fail_user_agent_whitelist 1;
%%CSV %USER_AGENT_WHITELIST%
if ( $http_user_agent = "%0%" ) { set $fail_user_agent_whitelist 0; }
%%ENDCSV
%%ELSE
# no user_agent_whitelist
%%ENDIF
%%IF %USER_AGENT_WHITELIST_RE%
# check user_agent_whitelist_re (generated)
set $fail_user_agent_whitelist_re 1;
%%CSV %USER_AGENT_WHITELIST_RE%
if ( $http_user_agent ~* "%0%" ) { set $fail_user_agent_whitelist_re 0; }
%%ENDCSV
%%ELSE
# no user_agent_whitelist_re
%%ENDIF
%%IF %REFERER_WHITELIST%
# check referer_whitelist (generated)
set $fail_referer_whitelist 1;
%%CSV %REFERER_WHITELIST%
if ( $http_referer = "%0%" ) { set $fail_referer_whitelist 0; }
%%ENDCSV
%%ELSE
# no referer_whitelist
%%ENDIF
%%IF %REFERER_WHITELIST_RE%
# check referer_whitelist_re (generated)
set $fail_referer_whitelist_re 1;
%%CSV %REFERER_WHITELIST_RE%
if ( $http_referer ~* "%0%" ) { set $fail_referer_whitelist_re 0; }
%%ENDCSV
%%ELSE
# no referer_whitelist_re
%%ENDIF
%%IF %ORIGIN_WHITELIST%
# check origin_whitelist (generated)
set $fail_origin_whitelist 1;
%%CSV %ORIGIN_WHITELIST%
if ( $http_origin = "%0%" ) { set $fail_origin_whitelist 0; }
%%ENDCSV
%%ELSE
# no origin_whitelist
%%ENDIF
%%IF %ORIGIN_WHITELIST_RE%
# check origin_whitelist_re (generated)
set $fail_origin_whitelist_re 1;
%%CSV %ORIGIN_WHITELIST_RE%
if ( $http_origin ~* "%0%" ) { set $fail_origin_whitelist_re 0; }
%%ENDCSV
%%ELSE
# no origin_whitelist_re
%%ENDIF
%%IF %HOST_WHITELIST%
# check host_whitelist (generated)
set $fail_host_whitelist 1;
%%CSV %HOST_WHITELIST%
if ( $http_host = "%0%" ) { set $fail_host_whitelist 0; }
%%ENDCSV
%%ELSE
# no host_whitelist
%%ENDIF
%%IF %HOST_WHITELIST_RE%
# check host_whitelist_re (generated)
set $fail_host_whitelist_re 1;
%%CSV %HOST_WHITELIST_RE%
if ( $http_host ~* "%0%" ) { set $fail_host_whitelist_re 0; }
%%ENDCSV
%%ELSE
# no host_whitelist_re
%%ENDIF
%%IF %PATH_WHITELIST%
# check path_whitelist (generated)
set $fail_path_whitelist 1;
%%CSV %PATH_WHITELIST%
if ( $uri = "%0%" ) { set $fail_path_whitelist 0; }
%%ENDCSV
%%ELSE
# no path_whitelist
%%ENDIF
%%IF %PATH_WHITELIST_RE%
# check path_whitelist_re (generated)
set $fail_path_whitelist_re 1;
%%CSV %PATH_WHITELIST_RE%
if ( $uri ~* "%0%" ) { set $fail_path_whitelist_re 0; }
%%ENDCSV
%%ELSE
# no path_whitelist_re
%%ENDIF
%%IF %PARAM_WHITELIST%
# check param_whitelist (generated)
set $fail_param_whitelist 1;
%%CSV %PARAM_WHITELIST%
if ( $arg_%1% = "%2%" ) { set $fail_param_whitelist 0; }
%%ENDCSV
%%ELSE
# no param_whitelist
%%ENDIF
%%IF %PARAM_WHITELIST_RE%
# check param_whitelist_re (generated)
set $fail_param_whitelist_re 1;
%%CSV %PARAM_WHITELIST_RE%
if ( $arg_%1% ~* "%2%" ) { set $fail_param_whitelist_re 0; }
%%ENDCSV
%%ELSE
# no param_whitelist_re
%%ENDIF
# ---- END CODE GENERATED BY ../lib.d/generate-bw-code.pl ----
Reference in New Issue View Git Blame Kopiuj bezpośredni odnośnik