| commit | 1911ce8a0bb51c5639ea7d0e765f3bb360e5324b | [log] [tgz] |
|---|---|---|
| author | Daniel Gruno <humbedooh@apache.org> | Wed Feb 24 20:46:53 2021 +0100 |
| committer | GitHub <noreply@github.com> | Wed Feb 24 20:46:53 2021 +0100 |
| tree | 41e573256cadc361b48ed7dd66a3871a69d24a7f | |
| parent | 490a46014bbaab5aca9021454c3274e5ce698218 [diff] |
Add ip forward default
Aardvark Proxy Middleman
This service acts as a middleman between frontend web servers and ticket submission services such as JIRA or BugZilla, and intercepts all data sent. Data is scanned for known offending words that are common in spam, and blocks the request if such are found.
proxy_url: The backend service to proxy to if request is sanespamurls: Specific honey-pot URLs that trigger a block regardless of the actionignoreurls: Specific URLs that are exempt from spam detectionpostmatches: A list of keywords and/or regexes that, if matched, will block the requestmultimatch: A combination blocker. If a required keyword or regex is matched, the request will be blocked only if one or more auxiliary keywords/regexes are also matchedTo enable as a pipservice, add the following minimal hiera yaml to your node config:
pipservice: aardvark-proxy: tag: main
As Aardvark is a proxy middleman for specific purposes, you will preferably need a web server in front. The example below relays all POST requests for /foo/bar through Aardvark, while letting all GETs etc go directly to the backend service.
Assuming Aardvark is listening on port 4321 and the real backend service is on port 8080:
<Location /foo/bar/> # Send all POST requests through Aardvark <Limit POST> # ProxyPass to Aardvark. Remember that because of <Location ...> the ProxyPass directive is altered. ProxyPass http://localhost:4321/foo/bar/ </Limit> # Send all non-POST requests directly to backend <LimitExcept POST> ProxyPass http://localhost:8080/foo/bar/ </LimitExcept> </Location>