Flow Example
In this configuration:
- API requests to
acmecorp.com/*
are allowed, while all others are blocked. - If a request to a blocked domain is detected, the flow returns a 403 HTTP status code along with the message: "Forbidden Access."
Flow Configuration
/etc/lunar-proxy/flows/flow.yaml
name: DomainAccessControlFlow
filter:
url: "*"
processors:
AllowFilter:
processor: Filter
parameters:
- key: url
value: acmecorp.com/*
GenerateResponseForbidden:
processor: GenerateResponse
parameters:
- key: status
value: 403
- key: body
value: "Forbidden Access"
- key: Content-Type
value: text/plain
flow:
request:
- from:
stream:
name: globalStream
at: start
to:
processor:
name: AllowFilter
- from:
processor:
name: AllowFilter
condition: miss
to:
processor:
name: GenerateResponseForbidden
- from:
processor:
name: AllowFilter
condition: hit
to:
stream:
name: globalStream
at: end
response:
- from:
processor:
name: GenerateResponseForbidden
to:
stream:
name: globalStream
at: end
Flow Parameters
Parameter | Example Value | Description |
---|---|---|
name | DomainAccessControlFlow | The name of the flow, used to identify the flow in configurations. |
filter.url | * | Specifies that the flow applies to all URLs. |
processors.AllowFilter.processor | Filter | Defines the processor responsible for allowing requests to specified URLs. |
processors.AllowFilter.parameters.key | url | Specifies the key for the URL being allowed. |
processors.AllowFilter.parameters.value | acmecorp.com/* | The URL pattern that is allowed. |
processors.GenerateResponseForbidden.processor | GenerateResponse | Defines the processor that generates the response when access is forbidden. |
processors.GenerateResponseForbidden.parameters.key | status , body , Content-Type | Keys that define the response status code, message body, and content type when access is forbidden. |