TsgcWebSocketFirewall.Blacklist
Click here to see this page in full context

TsgcWebSocketFirewallProperties › Blacklist

Blacklist Property

Deny list of IP addresses and CIDR ranges whose connections are rejected before any other check.

Syntax

property Blacklist: TsgcFirewallIPList read FBlacklist write SetBlacklist;

Default Value

Remarks

Enable Blacklist.Enabled and populate the IPs string list with exact addresses (for example 192.168.1.100) or CIDR ranges (for example 10.0.0.0/8, 172.16.0.0/16). When a connection arrives from an IP that matches any entry in the list the firewall rejects it immediately and raises OnViolation with violation type fvBlacklist. Whitelist entries take precedence over the blacklist, so a whitelisted IP is never rejected by this check.

Example


sgcWebSocketFirewall1.Blacklist.Enabled := True;
sgcWebSocketFirewall1.Blacklist.IPs.Add('10.0.0.0/8');
sgcWebSocketFirewall1.Blacklist.IPs.Add('192.168.1.100');

Back to Properties