Closed muety closed 2 years ago
The remote_ip matcher should be working.
I have it working like this:
(GEOFILTER) {
@geofilter {
not maxmind_geolocation {
db_path "/usr/share/GeoIP/GeoLite2-Country.mmdb"
allow_countries DE
}
not remote_ip 10.0.0.0/24
}
respond @geofilter 403
}
test.org:443 {
log
import GEOFILTER
file_server * {
root /var/www
}
}
@p-rintz How to match (remote_ip 10.0.0.0/24) OR (allow_countries DE)
?
That would be what I have in my example above.
The example allows the 10.0.0.0/24 range and traffic from Germany.
Your example is (not remote_ip 10.0.0.0/24) AND (not allow_countries DE)
, but I want (remote_ip 10.0.0.0/24) OR (allow_countries DE)
Haven't used caddy in months, so no idea then.Sorry.
Your example is
(not remote_ip 10.0.0.0/24) AND (not allow_countries DE)
, but I want(remote_ip 10.0.0.0/24) OR (allow_countries DE)
I think those are the same thing, just phrased differently. Blocking (NOT Germany) AND (NOT local)
is the same as allowing Germany or local
.
@dJani97 Thanks!
Would be cool to exclude certain IP ranges (e.g.
192.168.0.0/16
) from the checks. I tried to combinemaxmind_geolocation
together withremote_ip
matcher, but couldn't find a way to OR them as part of the same named matcher.