Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 23:00:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

add a global whitelist

Browse Source 
if defined only the listed IPs/networks can access the configured
services, all other client connections will be dropped before they
even try to authenticate

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino
2022-03-17 22:10:52 +01:00
parent 03da7f696c
commit d9f30e7ac5
12 changed files with 196 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
httpd/server.go
View File

@@ -983,8 +983,8 @@ func (s *httpdServer) checkConnection(next http.Handler) http.Handler {
defer common.Connections.RemoveClientConnection(ipAddr)
if !common.Connections.IsNewConnectionAllowed(ipAddr) {
logger.Log(logger.LevelDebug, common.ProtocolHTTP, "", "connection refused, configured limit reached")
s.sendForbiddenResponse(w, r, "configured connections limit reached")
logger.Log(logger.LevelDebug, common.ProtocolHTTP, "", fmt.Sprintf("connection not allowed from ip %#v", ipAddr))
s.sendForbiddenResponse(w, r, "connection not allowed from your ip")
return
}
if common.IsBanned(ipAddr) {