Comparison

Improve mod_firewall readme

author	Christian Weiske <cweiske@cweiske.de>
date	Mon, 21 Sep 2020 21:57:25 +0200
parent	4127:e9e10ec1b91c
child	4169:ae738969f38a

comparison

equal deleted inserted replaced

-:bb60db2b2cd1
+:87daef9ed4e7
 firewall_scripts = { "path/to/ruleset.pfw", "path/to/ruleset2.pfw" }
 If multiple files are specified and they both add rules to the same chains,
 each file's rules will be processed in order, but the order of files is undefined.
+Reloading Prosody's configuration also reloads firewall rules.
+Make sure that `firewall_scripts` is in the global section of the configuration file
+and not below a virtual host or a component - unless you want per-vhost
+firewall rules.
 Conditions
 ----------
 All conditions must come before any action in a rule block. The
 Action          Description
 --------------- ------------------------------------------------------------------------------------------------------------------------
 `LOG=message`   Logs the given message to Prosody's log file. Optionally prefix it with a log level in square brackets, e.g. `[debug]`
-You can include expressions in log messages, using `$(...)` syntax. For example, to log the stanza that matched the rule, you can use $(stanza),
+You can include expressions in log messages, using `$(...)` syntax. For example, to log the stanza that matched the rule, you can use `$(stanza)`,
-or to log just the top tag of the stanza, use $(stanza:top_tag()).
+or to log just the top tag of the stanza, use `$(stanza:top_tag())`.
+To fetch the sender JID, use `$(stanza.attr.from)`.
 Example:
 # Log all stanzas to user@example.com:
 TO: user@example.com