TsgcWebSocketFirewall › Events › OnFiltered
Fires when the firewall makes a filtering decision on a connection or message.
property OnFiltered: TsgcFirewallOnFiltered;
// TsgcFirewallOnFiltered = procedure(Sender: TObject; const aIP: string; const aReason: string; var Allow: Boolean) of object—
OnFiltered is raised every time the firewall blocks (or would block) a connection or message. Use this event to log decisions or to override the outcome via the Allow var parameter: set it to True to let the request through despite the firewall verdict, or leave it unchanged to accept the firewall decision. aIP is the remote client IP and aReason is a short human-readable reason (for example "Blacklisted", "Banned", "Rate limit exceeded", "GeoIP blocked", "SQL injection detected", "XSS detected", "Path traversal detected", "Command injection detected", "Flood protection triggered", "Payload too large" or "Custom rule blocked"). The event fires from the server I/O thread so keep handlers fast and thread-safe.
procedure TForm1.sgcWebSocketFirewall1Filtered(Sender: TObject;
const aIP: string; const aReason: string; var Allow: Boolean);
begin
// log every firewall decision
Memo1.Lines.Add(Format('[%s] blocked: %s', [aIP, aReason]));
// whitelist an internal monitoring host, overriding the firewall
if aIP = '10.0.0.5' then
Allow := True;
end;