trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Moseley <moseleym...@gmail.com>
Subject Get Origin IP in Lua
Date Mon, 12 Jan 2015 03:40:46 GMT
Hi. I'm looking at the TS_LUA_HOOK_OS_DNS hook or
TS_LUA_HOOK_SEND_REQUEST_HDR as a way to do a fail-safe way of filtering
*origin* IPs. Obviously this could be done at the onboard firewall level,
but I thought it'd be neat to be able to do something a bit more in-line
(and it's fun to play with Lua).

But despite the aforementioned hooks, there doesn't seem to be anywhere in
the 'ts' table that holds what the origin's DNS hostname was resolved to.
Does that get stored anywhere that ts_lua has access to? ts.server_request
seemed most promising but none of the functions in there seem to return
anything like the origin IP.

If there were something accessible with the origin IP, then I could do a
sanity check like, pseudo-code-wise: for ip in goodips, does origin IP
match ip, and if none match, then return a 403 or 400 or something.

I'm coming up blank looking through the API and source code, but I may be
missing something obvious (or more likely, just looking for the wrong
thing).

Even better (and I've had no luck finding this either) would be something
built-in that contains a list of permitted origin IP blocks, like
ip_allow.config but for the backend request (and again, there might be but
I'm grepping+googling for the wrong thing).

Thanks!

Mime
View raw message