fabiolb / fabio

Consul Load-Balancing made simple
https://fabiolb.net
MIT License

IP Filtering #337

Open freeman opened 7 years ago

freeman commented 7 years ago

We'd love to be able to use the IP of the initiator of a request (either the direct TCP one or one derived from upstream proxies via X-Forwarded-For or X-Real-Ip) to filter/block/route requests to a service.

Is this something that would fit in fabio?

Thanks,

magiconair commented 7 years ago

@freeman This has been discussed before in the context of rate limiting and I'd like to add something like that. The main issue was on where to store the list of addresses while handling the high volatility of the data w/o overwhelming the consul server and raft updates.

However, for static black lists consul could be sufficient since this would assume that some other process would maintain and update that list and fabio would be just a consumer.

One approach could be to allow something like this and store this in consul similar to the manual overrides and just append this to the routing table definition.

route block 1.2.3.4
route block 10.0.0.0/8
...
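
An added sketch of the static block list discussed in this thread (not fabio code and not written by either commenter): it parses the proposed `route block` lines and derives the client address, honouring X-Forwarded-For only when the direct TCP peer is a trusted proxy and then walking the header right to left. The `trusted` proxy list and all function names are assumptions; X-Real-Ip is not handled.

```go
package main

import (
	"fmt"
	"net/netip"
	"slices"
	"strings"
)

// parseBlocks reads "route block <ip|cidr>" lines: the thread's proposed syntax, assumed here.
func parseBlocks(cfg string) ([]netip.Prefix, error) {
	var out []netip.Prefix
	for _, line := range strings.Split(cfg, "\n") {
		f := strings.Fields(line)
		if len(f) != 3 || f[0] != "route" || f[1] != "block" {
			continue // not a block entry
		}
		p, err := netip.ParsePrefix(f[2])
		if a, e := netip.ParseAddr(f[2]); e == nil {
			p, err = netip.PrefixFrom(a, a.BitLen()), nil // bare IP: one host
		}
		if err != nil {
			return nil, fmt.Errorf("bad block entry %q", f[2])
		}
		out = append(out, p.Masked())
	}
	return out, nil
}

func contains(ps []netip.Prefix, a netip.Addr) bool {
	return slices.ContainsFunc(ps, func(p netip.Prefix) bool { return p.Contains(a.Unmap()) })
}

// clientIP trusts X-Forwarded-For only when the TCP peer is a trusted proxy.
func clientIP(peer netip.Addr, xff string, trusted []netip.Prefix) netip.Addr {
	hops := strings.Split(xff, ",")
	for i := len(hops) - 1; i >= 0 && contains(trusted, peer); i-- {
		a, err := netip.ParseAddr(strings.TrimSpace(hops[i]))
		if err != nil {
			break // malformed hop: keep the last address that parsed
		}
		peer = a // step left past each trusted proxy
	}
	return peer
}

func main() {
	blocks, _ := parseBlocks("route block 1.2.3.4\nroute block 10.0.0.0/8")
	fmt.Println(contains(blocks, netip.MustParseAddr("10.9.8.7")))
}
```

A request from an untrusted peer is judged on its TCP address alone, so a client-supplied X-Forwarded-For value cannot move it off the block list.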