/etc/filtron/rules.json: normalize rules from docs & tooling box

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2025-07-23 05:09:17 +02:00 · 2020-02-04 17:59:58 +01:00 · 2020-02-04 17:59:58 +01:00 · 2f40f61f83
commit 2f40f61f83
parent d07119ca49
5 changed files with 210 additions and 207 deletions
--- a/docs/admin/filtron.rst
+++ b/docs/admin/filtron.rst
@ -39,6 +39,10 @@ an installation and the maintenance of, use our script :ref:`filtron.sh`.
 Sample configuration of filtron
 ===============================

+.. sidebar:: Tooling box
+
+   - :origin:`/etc/filtron/rules.json <utils/templates/etc/filtron/rules.json>`
+
 An example configuration can be find below. This configuration limits the access
 of:

@ -50,100 +54,100 @@ of:

 .. code:: json

-   [{
-      "name":"search request",
-      "filters":[
-         "Param:q",
-         "Path=^(/|/search)$"
-      ],
-      "interval":"<time-interval-in-sec (int)>",
-      "limit":"<max-request-number-in-interval (int)>",
-      "subrules":[
-         {
-            "name":"roboagent limit",
-            "interval":"<time-interval-in-sec (int)>",
-            "limit":"<max-request-number-in-interval (int)>",
-            "filters":[
-               "Header:User-Agent=(curl|cURL|Wget|python-requests|Scrapy|FeedFetcher|Go-http-client)"
-            ],
-            "actions":[
-               {
-                  "name":"block",
-                  "params":{
-                     "message":"Rate limit exceeded"
-                  }
-               }
-            ]
-         },
-         {
-            "name":"botlimit",
-            "limit":0,
-            "stop":true,
-            "filters":[
-               "Header:User-Agent=(Googlebot|bingbot|Baiduspider|yacybot|YandexMobileBot|YandexBot|Yahoo! Slurp|MJ12bot|AhrefsBot|archive.org_bot|msnbot|MJ12bot|SeznamBot|linkdexbot|Netvibes|SMTBot|zgrab|James BOT)"
-            ],
-            "actions":[
-               {
-                  "name":"block",
-                  "params":{
-                     "message":"Rate limit exceeded"
-                  }
-               }
-            ]
-         },
-         {
-            "name":"IP limit",
-            "interval":"<time-interval-in-sec (int)>",
-            "limit":"<max-request-number-in-interval (int)>",
-            "stop":true,
-            "aggregations":[
-               "Header:X-Forwarded-For"
-            ],
-            "actions":[
-               {
-                  "name":"block",
-                  "params":{
-                     "message":"Rate limit exceeded"
-                  }
-               }
-            ]
-         },
-         {
-            "name":"rss/json limit",
-            "interval":"<time-interval-in-sec (int)>",
-            "limit":"<max-request-number-in-interval (int)>",
-            "stop":true,
-            "filters":[
-               "Param:format=(csv|json|rss)"
-            ],
-            "actions":[
-               {
-                  "name":"block",
-                  "params":{
-                     "message":"Rate limit exceeded"
-                  }
-               }
-            ]
-         },
-         {
-            "name":"useragent limit",
-            "interval":"<time-interval-in-sec (int)>",
-            "limit":"<max-request-number-in-interval (int)>",
-            "aggregations":[
-               "Header:User-Agent"
-            ],
-            "actions":[
-               {
-                  "name":"block",
-                  "params":{
-                     "message":"Rate limit exceeded"
-                  }
-               }
-            ]
-         }
-      ]
-   }]
-
+   [
+     { "name": "search request",
+       "filters": [
+	 "Param:q",
+	 "Path=^(/|/search)$"
+       ],
+       "interval": "<time-interval-in-sec (int)>",
+       "limit": "<max-request-number-in-interval (int)>",
+       "subrules": [
+	 {
+	   "name": "roboagent limit",
+	   "interval": "<time-interval-in-sec (int)>",
+	   "limit": "<max-request-number-in-interval (int)>",
+	   "filters": [
+	     "Header:User-Agent=(curl|cURL|Wget|python-requests|Scrapy|FeedFetcher|Go-http-client)"
+	   ],
+	   "actions": [
+	     { "name": "log"},
+	     { "name": "block",
+	       "params": {
+		 "message": "Rate limit exceeded"
+	       }
+	     }
+	   ]
+	 },
+	 {
+	   "name": "botlimit",
+	   "limit": 0,
+	   "stop": true,
+	   "filters": [
+	     "Header:User-Agent=(Googlebot|bingbot|Baiduspider|yacybot|YandexMobileBot|YandexBot|Yahoo! Slurp|MJ12bot|AhrefsBot|archive.org_bot|msnbot|MJ12bot|SeznamBot|linkdexbot|Netvibes|SMTBot|zgrab|James BOT)"
+	   ],
+	   "actions": [
+	     { "name": "log"},
+	     { "name": "block",
+	       "params": {
+		 "message": "Rate limit exceeded"
+	       }
+	     }
+	   ]
+	 },
+	 {
+	   "name": "IP limit",
+	   "interval": "<time-interval-in-sec (int)>",
+	   "limit": "<max-request-number-in-interval (int)>",
+	   "stop": true,
+	   "aggregations": [
+	     "Header:X-Forwarded-For"
+	   ],
+	   "actions": [
+	     { "name": "log"},
+	     { "name": "block",
+	       "params": {
+		 "message": "Rate limit exceeded"
+	       }
+	     }
+	   ]
+	 },
+	 {
+	   "name": "rss/json limit",
+	   "interval": "<time-interval-in-sec (int)>",
+	   "limit": "<max-request-number-in-interval (int)>",
+	   "stop": true,
+	   "filters": [
+	     "Param:format=(csv|json|rss)"
+	   ],
+	   "actions": [
+	     { "name": "log"},
+	     { "name": "block",
+	       "params": {
+		 "message": "Rate limit exceeded"
+	       }
+	     }
+	   ]
+	 },
+	 {
+	   "name": "useragent limit",
+	   "interval": "<time-interval-in-sec (int)>",
+	   "limit": "<max-request-number-in-interval (int)>",
+	   "aggregations": [
+	     "Header:User-Agent"
+	   ],
+	   "actions": [
+	     { "name": "log"},
+	     { "name": "block",
+	       "params": {
+		 "message": "Rate limit exceeded"
+	       }
+	     }
+	   ]
+	 }
+       ]
+     }
+   ]


 Route request through filtron