Checkpoint/config/ipfilter.toml.example

89 lines
No EOL
3.3 KiB
Text

# =============================================================================
# IP FILTER CONFIGURATION
# =============================================================================
# This configuration controls the IP filtering middleware that blocks requests
# based on geographic location (country/continent) and network (ASN) information.
# =============================================================================
# -----------------------------------------------------------------------------
# CORE SETTINGS
# -----------------------------------------------------------------------------
[Core]
# Enable or disable the IP filter entirely
Enabled = false
# MaxMind account ID for downloading GeoIP databases
# Can also be set via MAXMIND_ACCOUNT_ID environment variable or .env file
AccountID = ""
# MaxMind license key for downloading GeoIP databases
# Can also be set via MAXMIND_LICENSE_KEY environment variable or .env file
LicenseKey = ""
# How often to check for database updates (in hours)
DBUpdateIntervalHours = 12
# -----------------------------------------------------------------------------
# CACHING SETTINGS
# -----------------------------------------------------------------------------
[Cache]
# TTL for cached IP block decisions (in seconds)
# 0 = cache indefinitely until server restart
IPBlockCacheTTLSec = 300
# Maximum number of cached IP decisions
# 0 = unlimited
IPBlockCacheMaxEntries = 10000
# -----------------------------------------------------------------------------
# BLOCKING RULES
# -----------------------------------------------------------------------------
[Blocking]
# ISO country codes to block (2-letter codes)
CountryCodes = [
"XX", "YY", "ZZ" # Replace with actual country codes
]
# Continent codes to block
ContinentCodes = [] # Example: ["AF", "AS"]
# Default block page when no specific page is configured
DefaultBlockPage = "/pages/ipfilter/default.html"
# -----------------------------------------------------------------------------
# ASN BLOCKING
# -----------------------------------------------------------------------------
# Block by Autonomous System Number (ASN)
# Group ASNs by category for different block pages
# [ASN.Example]
# Numbers = [12345, 67890]
# BlockPage = "pages/ipfilter/example.html"
# -----------------------------------------------------------------------------
# ASN NAME BLOCKING
# -----------------------------------------------------------------------------
# Block by ASN organization name patterns
[ASNNames.DataCenter]
# Block data center and cloud providers
Patterns = [
"Cloudflare", "GOOGLE-CLOUD-PLATFORM", "Microsoft", "Amazon", "AWS",
"Digitalocean", "OVH", "HUAWEI CLOUDS"
]
BlockPage = "/pages/ipfilter/datacenter.html"
# -----------------------------------------------------------------------------
# COUNTRY-SPECIFIC BLOCK PAGES
# -----------------------------------------------------------------------------
[CountryBlockPages]
# Custom block pages for specific countries
XX = "/pages/ipfilter/country-xx.html"
# -----------------------------------------------------------------------------
# CONTINENT-SPECIFIC BLOCK PAGES
# -----------------------------------------------------------------------------
[ContinentBlockPages]
# Custom block pages for specific continents
# AS = "pages/ipfilter/asia.html"
# AF = "pages/ipfilter/africa.html"