Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feature] IP Restriction Plugin #384

Merged
merged 1 commit into from
Jul 10, 2015
Merged

[feature] IP Restriction Plugin #384

merged 1 commit into from
Jul 10, 2015

Conversation

subnetmarco
Copy link
Member

Closes #379. Adds a very basic security plugin, that blocks incoming requests per IP.

Both individual IPs and ranges in CIDR notation (like 127.0.0.0/24) can be either whitelisted or blacklisted.

It also fixes a few bugs like:

  • nil exception in DAO when updating a value that doesn't exist in a schema with a PATCH request
  • During a PATCH update, setting an array field to an empty value properly initializes an empty table {} instead of {""}

@subnetmarco subnetmarco added the pr/ready (but hold merge) No more concerns, but do not merge yet (probably a conflict of interest with another PR or release) label Jul 8, 2015
@subnetmarco subnetmarco self-assigned this Jul 8, 2015
@subnetmarco subnetmarco added this to the 0.4.0 milestone Jul 8, 2015
@subnetmarco subnetmarco force-pushed the feature/ip-restriction branch 2 times, most recently from a1e161d to 86d7986 Compare July 8, 2015 06:40
@sonicaghi sonicaghi added the idea/new plugin [legacy] those issues belong to Kong Nation, since GitHub issues are reserved for bug reports. label Jul 8, 2015
@subnetmarco subnetmarco force-pushed the feature/ip-restriction branch 2 times, most recently from 72eea15 to 365db80 Compare July 8, 2015 09:01
thibaultcha
thibaultcha reviewed Jul 8, 2015
View reviewed changes
kong/dao/cassandra/base_dao.lua
@@ -420,7 +420,7 @@ local function fix_tables(t, old_t, schema)
if v.schema then
local s = type(v.schema) == "function" and v.schema(t) or v.schema
for s_k, s_v in pairs(s.fields) do
if not t[k][s_k] and old_t[k] then
if t[k] and not t[k][s_k] and old_t[k] then
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this go 2 lines above?

if t[k] ~= nil and v.schema then -- explicit ~= nil is especially important in those cases too.
  -- 
end

subnetmarco added a commit that referenced this pull request Jul 10, 2015
@subnetmarco
Merge pull request #384 from Mashape/feature/ip-restriction
6237d30 
[feature] IP Restriction Plugin
@subnetmarco subnetmarco merged commit 6237d30 into master Jul 10, 2015
@subnetmarco subnetmarco deleted the feature/ip-restriction branch July 10, 2015 08:17
ctranxuan pushed a commit to streamdataio/kong that referenced this pull request Aug 25, 2015
@subnetmarco
Merge pull request Kong#384 from Mashape/feature/ip-restriction
92a57df 
[feature] IP Restriction Plugin

Former-commit-id: 2d31762b7f8ebabaad6820ddb92ed14f858eeba4
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@subnetmarco subnetmarco

Labels
idea/new plugin [legacy] those issues belong to Kong Nation, since GitHub issues are reserved for bug reports. pr/ready (but hold merge) No more concerns, but do not merge yet (probably a conflict of interest with another PR or release)
Projects
None yet
Milestone
0.4.0
Development

Successfully merging this pull request may close these issues.

[request] IP Whitelisting/Blacklisting plugin
3 participants
@subnetmarco @thibaultcha @sonicaghi