TsgcWebSocketFirewall › Properties › CustomRules
User-defined rule engine that combines IP, country, message and violation-count conditions with a configurable action.
property CustomRules: TsgcFirewallRules read FCustomRules write SetCustomRules;
Set CustomRules.Enabled to True and add TsgcFirewallRuleItem entries to the Rules collection for fine-grained filtering that complements the built-in modules. Each item combines: Name, Enabled, IPPattern (exact IP, CIDR or wildcard), CountryCode, MessagePattern (wildcard expression matched against message content), MinViolations with TimeWindowSec (trigger only after N violations in a window), ActionType (raDeny, raAllow, raBan or raLog) and BanDurationSec, which is used when ActionType is raBan. When a matching rule triggers, it fires OnViolation with type fvCustomRule. Defaults per rule: Enabled=True, MinViolations=0, TimeWindowSec=60, ActionType=raDeny, BanDurationSec=300.
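var
  oRule: TsgcFirewallRuleItem;
begin
  // Turn on the custom rule engine
  sgcWebSocketFirewall1.CustomRules.Enabled := True;
  // Append a new rule to the collection
  oRule := TsgcFirewallRuleItem(sgcWebSocketFirewall1.CustomRules.Rules.Add);
  oRule.Name := 'BlockAdminFromOutside';
  oRule.Enabled := True;
  oRule.IPPattern := '*';               // wildcard: applies to any client IP
  oRule.MessagePattern := '*/admin*';   // wildcard match against message content
  oRule.ActionType := raBan;
  oRule.BanDurationSec := 3600;         // ban length in seconds, used with raBan
end;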
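
As an added example (not from the sgcWebSockets documentation), the following uses MinViolations and TimeWindowSec to turn a rule into a threshold ban, next to an raLog rule that only records matches. ConfigureAdminRules, NewRule, the rule names and the 203.0.113.0/24 range are assumptions; the page does not state how several matching rules are ordered or combined, so confirm that behaviour against the component before relying on it.

```delphi
// Added example, not part of the component's documentation.
// ConfigureAdminRules and NewRule are hypothetical names. Add the unit that
// declares TsgcWebSocketFirewall and TsgcFirewallRuleItem to your uses clause.
procedure ConfigureAdminRules(aFirewall: TsgcWebSocketFirewall);

  // Appends a rule and sets the fields shared by every rule below.
  function NewRule(const aName, aIPPattern: string): TsgcFirewallRuleItem;
  begin
    Result := TsgcFirewallRuleItem(aFirewall.CustomRules.Rules.Add);
    Result.Name := aName;
    Result.Enabled := True;
    Result.IPPattern := aIPPattern;
    Result.MessagePattern := '*/admin*';
  end;

var
  oRule: TsgcFirewallRuleItem;
begin
  aFirewall.CustomRules.Enabled := True;

  // 1. Audit only: record /admin messages from any address.
  //    MinViolations stays at its default of 0.
  oRule := NewRule('LogAdminAccess', '*');
  oRule.ActionType := raLog;

  // 2. Threshold ban scoped to one network by CIDR (203.0.113.0/24 is a
  //    constructed documentation range). Per the property description, the
  //    rule triggers only after 5 violations within a 120-second window.
  oRule := NewRule('BanRepeatedAdminProbes', '203.0.113.0/24');
  oRule.MinViolations := 5;
  oRule.TimeWindowSec := 120;
  oRule.ActionType := raBan;
  oRule.BanDurationSec := 900;  // 15 minutes instead of the 300 s default
end;
```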