FirewallBundle
FirewallBundle copied to clipboard
BedrockStreaming
:no_entry: DEPRECATED - Symfony bundle providing IP filtering features
Firewall Bundle 
This bundle provides IP filtering features for your Symfony applications.
It uses the Firewall component and offers service and annotations configuration.
For implementation into a Symfony 3 or Symfony 4 application, please use the release v3.0.0 at least.
Installation
Add this line in your composer.json :
{
"require": {
"m6web/firewall-bundle": "dev-master"
}
}
Update your vendors :
composer update m6web/firewall-bundle
Registering
class AppKernel extends \Symfony\Component\HttpKernel\Kernel
{
public function registerBundles()
{
$bundles = array(
new M6Web\Bundle\FirewallBundle\M6WebFirewallBundle(),
);
}
}
Usage
Configuration
m6web_firewall:
lists: # Define some IP lists into the Firewall Provider
self: # Define a list named "self"
- '127.0.0.1' # IPV4
- '::1' # IPV6 short notation
lan: # Define a list named "lan"
- '192.168.0.*' # IPV4 with Wildcard (* = all)
- '192.168.0.0/24' # IPV4 with CIDR Mask
- '192.168.0.0/255.255.255.0' # IPV4 with Subnet Mask
configs: # Define some pre-defined configurations into the Firewall Provider
default: # Define a configuration named "default"
default_state: true # Default returned value (default: true)
throw_error: true # Throw an exception for rejected users (default: true)
error_code: 403 # Exception status code (default: 403)
error_message: 'Forbidden' # Exception message (default: Forbidden)
lists: # Lists access state
self: true # "self" list records will be allowed by the firewall
lan: false # "lan" list records will be rejected by the firewall
entries: # Define custom IP's access state
'192.168.0.10': true # "192.168.0.10" will be allowed
'192.168.0.20': false # "192.168.0.20" will be rejected
Global annotation
use M6Web\Bundle\FirewallBundle\Annotation\Firewall;
/**
* @Firewall(
* config="default",
* actions={
* 'myFirstAction'
* },
* default_state=true,
* lists={
* 'default': true
* },
* entries={
* '192.168.0.50': false
* },
* throw_error: false,
* callback="myFirewallResponseHandler",
* error_message: 'Forbiden',
* error_code: 403
* )
*/
configparameter sets which pre-defined configuration to use,actionsparameter sets which actions of the controller are protected (in case of Class Annotation).
All default set parameters can be overloaded by annotation.
Class annotation
use M6Web\Bundle\FirewallBundle\Annotation\Firewall;
/**
* @Firewall(
* config="default",
* actions={
* 'myFirstAction'
* }
* )
*/
class MyBundleController extends Controller
{
public function myFirstAction()
{
}
public function mySecondAction()
{
}
}
myFirstActionis protected by the pre-defined configurationdefault.
In this case we can set one (or many) firewall used for many actions.
Method annotation
use M6Web\Bundle\FirewallBundle\Annotation\Firewall;
class MyBundleController extends Controller
{
/**
* @Firewall(
* config="default"
* )
*/
public function myFirstAction()
{
}
/**
* @Firewall(
* default_state=true,
* lists={
* 'lan': false
* },
* entries={
* '20.30.40.50': false
* }
* )
*/
public function mySecondAction()
{
}
}
myFirstActionuses its own firewall with pre-defined configurationdefault,mySecondActionuses its own firewall with a custom configuration.
Path configuration
m6web_firewall:
patterns: # define some routing pattern to filter
api:
config: default # config associed to the path
path: /api # path to filter
configparameter sets which pre-defined configuration to use,pathparameter sets which path are protected.
Running the tests
$ php composer.phar install --dev
$ ./vendor/bin/atoum -d Tests/
Credits
Developped by the Cytron Team of M6 Web.
Tested with atoum.
License
The FirewallBundle is licensed under the MIT license.
Metadata
23
Stars
11
Forks
Watchers
Owner
BedrockStreaming
Metadata
:no_entry: DEPRECATED - Symfony bundle providing IP filtering features