| # YAML |
| # |
| # ip_allow.yaml |
| # |
| # Documentation: |
| # https://docs.trafficserver.apache.org/en/latest/admin-guide/files/ip_allow.yaml.en.html |
| # |
| # Rules: |
| # Each rule is a mapping, with the tags |
| # |
| # apply: Either "in" or "out" to apply to inbound and outbound connections respectively. |
| # ip_addrs: IP address ranges, either a single range or a list of ranges. |
| # action: "allow" or "deny" |
| # methods: A method name or sequence of method names. Available methods: GET, CONNECT, DELETE, |
| # HEAD, OPTIONS, POST, PURGE, PUT, TRACE, PUSH. The special name "ALL" indicates all |
| # methods and it overrides any other methods. |
| # |
| # A rule must have either "src" or "dst" to indicate if the IP addresses apply to inbound connections |
| # or outbound connections. |
| # |
| # The top level tag 'ip_allow' identifies the rule items. Its value must be a rule item or a |
| # sequence of rule items. |
| # |
| # Rules are applied in the order listed starting from the top. |
| # That means you generally want to append your rules after the ones listed here. |
| # |
| # Allow anything on localhost, limit destructive methods elsewhere. |
| ip_allow: |
| - apply: in |
| ip_addrs: 127.0.0.1 |
| action: allow |
| methods: ALL |
| - apply: in |
| ip_addrs: ::1 |
| action: allow |
| methods: ALL |
| - apply: in |
| ip_addrs: 0/0 |
| action: deny |
| methods: |
| - PURGE |
| - PUSH |
| - DELETE |
| - apply: in |
| ip_addrs: ::/0 |
| action: deny |
| methods: |
| - PURGE |
| - PUSH |
| - DELETE |
