Firewall

The Firewall feature of Peakhour.IO controls incoming client requests based on specific conditions. When a client request matches a firewall rule, the system applies the specified action and stops evaluating further firewall rules.

Example

The filter matches requests from specific IP addresses or from Australia:

ip.src in {1.1.1.1, 2.2.2.2} or ip.geoip.country == "AU"

The configuration allows requests that match the rule to proceed:

firewall.allow:
  reason: "Trusted IP or Australian traffic"

For more information on the firewall.allow action, refer to the Firewall section in the vconf documentation.

Available Actions

• firewall.allow: Allows the client request to proceed, skipping remaining firewall rules.
• firewall.deny: Blocks the client request, skipping remaining firewall rules.
• firewall.challenge: Presents a challenge to the client, skipping remaining firewall rules.
• firewall.log: Logs the request and continues processing remaining firewall rules.

Fields

The firewall phase provides access to the following fields:

• Request fields
• GeoIP fields
• User agent fields
• Bot fields
• Fingerprint Fields

Use Cases

1. Block traffic from specific countries or IP ranges.
2. Allow only verified bots to access certain resources.
3. Implement rate limiting based on client fingerprints.
4. Customise access rules based on user agent information.