Created
February 16, 2022 13:27
-
-
Save johnhpatton/5fba6ed1269f66b03bd3c88116dadf77 to your computer and use it in GitHub Desktop.
Create a whitelist variable from inputs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# whitelist.conf | |
# Geo maps that build a $whitelist map variable. | |
# | |
# NOTES | |
# * This relies on an $is_google geo map set in a separate .conf file. | |
# * Update $remote_addr used in the maps to a variable that holds the | |
# real client IP address, or set a proxy configuration in the geo | |
# map. See the documentation for guidance. | |
# * Using $remote_addr in geo maps is not required and is the default | |
# variable used in the lookup. If setting a proxy configuration in | |
# the map. It is used here as an example. | |
geo $remote_addr $is_approved_vendor { | |
"3.7.23.42/29" 1; | |
default $is_google; # let the $is_google value fall through | |
} | |
# whitelist private client IP addresses | |
geo $remote_addr $whitelist { | |
"10.0.0.0/8" 1; | |
"127.0.0.0/8" 1; | |
"10.0.0.0/8" 1; | |
"172.16.0.0/12" 1; | |
"192.168.0.0/16" 1; | |
default $is_approved_vendor; | |
} | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment