Version: Next

Flow Example

In this configuration:

API requests to acmecorp.com/* are allowed, while all others are blocked.
If a request to a blocked domain is detected, the flow returns a 403 HTTP status code along with the message: "Forbidden Access."

Flow Configuration

/etc/lunar-proxy/flows/flow.yaml
name: DomainAccessControlFlow

filter:
  url: "*"

processors:
  AllowFilter:
    processor: Filter
    parameters:
      - key: url
        value: acmecorp.com/*

  BlockFilter:
    processor: Filter
    parameters:
      - key: header
        value: x-domain-access=<any-value>

  GenerateResponseForbidden:
    processor: GenerateResponse
    parameters:
      - key: status
        value: 403
      - key: body
        value: "Forbidden Access"
      - key: Content-Type
        value: text/plain

flow:
  request:
    - from:
        stream:
          name: globalStream
          at: start
      to:
        processor:
          name: AllowFilter

    - from:
        processor:
          name: AllowFilter
          condition: hit
      to:
        processor:
          name: BlockFilter

    - from:
        processor:
          name: AllowFilter
          condition: miss
      to:
        processor:
          name: GenerateResponseForbidden

    - from:
        processor:
          name: BlockFilter
          condition: hit
      to:
        processor:
          name: GenerateResponseForbidden

    - from:
        processor:
          name: BlockFilter
          condition: miss
      to:
        stream:
          name: globalStream
          at: end

  response:
    - from:
        processor:
          name: GenerateResponseForbidden 
      to:
        stream:
          name: globalStream
          at: end

Flow Parameters

Parameter	Example Value	Description
`name`	`DomainAccessControlFlow`	The name of the flow, used to identify the flow in configurations.
`filter.url`	`*`	Specifies that the flow applies to all URLs.
`processors.AllowFilter.processor`	`Filter`	Defines the processor responsible for allowing requests to specified URLs.
`processors.AllowFilter.parameters.key`	`url`	Specifies the key for the URL being allowed.
`processors.AllowFilter.parameters.value`	`acmecorp.com/*`	The URL pattern that is allowed.
`processors.BlockFilter.processor`	`Filter`	Defines the processor responsible for blocking requests based on a header.
`processors.BlockFilter.parameters.key`	`header`	Specifies the key for the header being checked.
`processors.BlockFilter.parameters.value`	`X-Domain-Access=<any-value>`	The header pattern used to block requests.
`processors.GenerateResponseForbidden.processor`	`GenerateResponse`	Defines the processor that generates the response when access is forbidden.
`processors.GenerateResponseForbidden.parameters.key`	`status`, `body`, `Content-Type`	Keys that define the response status code, message body, and content type when access is forbidden.

Flow Configuration​

Flow Parameters​

Flow Configuration

Flow Parameters