Software / code / prosody-modules
Annotate
mod_s2sout_override/README.md @ 5810:e79f9dec35c0
mod_c2s_conn_throttle: Reduce log level from error->info
Our general policy is that "error" should never be triggerable by remote
entities, and that it is always about something that requires admin
intervention. This satisfies neither condition.
The "warn" level can be used for unexpected events/behaviour triggered by
remote entities, and this could qualify. However I don't think failed auth
attempts are unexpected enough.
I selected "info" because it is what is also used for other notable session
lifecycle events.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Thu, 07 Dec 2023 15:46:50 +0000 |
| parent | 5632:ae62d92506dc |
| rev | line source |
|---|---|
|
5486
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 --- |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 summary: Override s2s connection targets |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 --- |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 This module replaces [mod_s2soutinjection] and uses more modern and |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 reliable methods for overriding connection targets. |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 # Configuration |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 Enable the module as usual, then specify a map of XMPP remote hostnames |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 to URIs like `"tcp://host.example:port"`, to have Prosody connect there |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 instead of doing normal DNS SRV resolution. |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 |
|
5487
6cf2f32dbf40
mod_s2sout_override: Add support for Direct TLS
Kim Alvefur <zash@zash.se>
parents:
5486
diff
changeset
|
14 Currently supported schemes are `tcp://` and `tls://`. A future version |
|
6cf2f32dbf40
mod_s2sout_override: Add support for Direct TLS
Kim Alvefur <zash@zash.se>
parents:
5486
diff
changeset
|
15 could support more methods including alternate SRV lookup targets or |
|
6cf2f32dbf40
mod_s2sout_override: Add support for Direct TLS
Kim Alvefur <zash@zash.se>
parents:
5486
diff
changeset
|
16 even UNIX sockets. |
|
6cf2f32dbf40
mod_s2sout_override: Add support for Direct TLS
Kim Alvefur <zash@zash.se>
parents:
5486
diff
changeset
|
17 |
|
6cf2f32dbf40
mod_s2sout_override: Add support for Direct TLS
Kim Alvefur <zash@zash.se>
parents:
5486
diff
changeset
|
18 URIs with IP addresses like `tcp://127.0.0.1:9999` will bypass A/AAAA |
|
6cf2f32dbf40
mod_s2sout_override: Add support for Direct TLS
Kim Alvefur <zash@zash.se>
parents:
5486
diff
changeset
|
19 DNS lookups. |
|
5486
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 |
|
5631
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
21 The special target `"*"` may be used to redirect all servers that don't have |
|
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
22 an exact match. |
|
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
23 |
|
5632
ae62d92506dc
mod_s2sout_override: Add support for one-level wildcards (e.g. *.example.net)
Kim Alvefur <zash@zash.se>
parents:
5631
diff
changeset
|
24 One-level wildcards like `"*.example.net"` also work. |
|
ae62d92506dc
mod_s2sout_override: Add support for one-level wildcards (e.g. *.example.net)
Kim Alvefur <zash@zash.se>
parents:
5631
diff
changeset
|
25 |
|
5631
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
26 Standard DNS SRV resolution can be restored by specifying a truthy value. |
|
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
27 |
|
5486
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 ```lua |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 -- Global section |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 modules_enabled = { |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 -- other global modules |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 "s2sout_override"; |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 } |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 s2sout_override = { |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 ["example.com"] = "tcp://other.host.example:5299"; |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 ["xmpp.example.net"] = "tcp://localhost:5999"; |
|
5631
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
38 ["secure.example"] = "tls://127.0.0.1:5270"; |
|
5632
ae62d92506dc
mod_s2sout_override: Add support for one-level wildcards (e.g. *.example.net)
Kim Alvefur <zash@zash.se>
parents:
5631
diff
changeset
|
39 ["*.allthese.example"] = = "tcp://198.51.100.123:9999"; |
|
5631
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
40 |
|
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
41 -- catch-all: |
|
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
42 ["*"] = "tls://127.0.0.1:5370"; |
|
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
43 -- bypass the catch-all, use standard DNS SRV: |
|
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
44 ["jabber.example"] = true; |
|
5486
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 } |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 ``` |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 # Compatibility |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 Prosody version status |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 --------------- ---------- |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 0.12.4 Will work |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 0.12.3 Will not work |
|
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
54 0.11 Will not work |
