https://github.com/mikeshultz/tornado-http-firewall
An HTTP proxy that utilizes ACLs to control access to URIs
https://github.com/mikeshultz/tornado-http-firewall
Last synced: 12 months ago
JSON representation
An HTTP proxy that utilizes ACLs to control access to URIs
- Host: GitHub
- URL: https://github.com/mikeshultz/tornado-http-firewall
- Owner: mikeshultz
- Created: 2019-01-20T08:44:06.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2019-01-21T05:09:30.000Z (over 7 years ago)
- Last Synced: 2025-01-03T21:16:47.522Z (over 1 year ago)
- Language: Python
- Size: 34.2 KB
- Stars: 0
- Watchers: 3
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# tornado-http-firewall
[](https://travis-ci.org/mikeshultz/solidbyte) [](https://coveralls.io/github/mikeshultz/tornado-http-firewall?branch=master)
An HTTP proxy that utilizes ACLs to control access to URIs.
**NOTE**: Consider this software alpha and extremely buggy and insecure. You
probably shouldn't use this unless you're desparate for something like me. Pull
requests are welcome and encouraged.
Requires Python>=3.6
## Usage
usage: thfirewall [-h] [-a ADDRESS] [-p PORT] [-t TARGET] [-c CONFIG] [-d]
An HTTP proxy that utilizes ACLs to control access to URIs
optional arguments:
-h, --help show this help message and exit
-a ADDRESS, --address ADDRESS
Port number to listen on
-p PORT, --port PORT Port number to listen on
-t TARGET, --target TARGET
The target top level URL to forward requests
-c CONFIG, --config CONFIG
The ACL config YAML file
-d, --debug Show debug messages
## ACL Config Format
Here's an example ACL file. This is a whitelist. All URLs are evaluated
from each path part at a time until one matches. So if someone requests
`/api/v0/get/QmASFD...`, it will first see if `/api` is allowed, then
`/api/v0`, etc...
`public` is the only named role. Every other one should be by IP address.
---
roles:
public:
- /api/v0/get
- /api/v0/pin/ls
127.0.0.1:
- /api/v0/ping