Block

Stops processing and returns a configured response.

Use the Block policy to stop the assembly and return a predefined response when a request must be rejected based on conditions you define.

For more information on the policy parameter descriptions, see DataPower Nano Gateway documentation.

Example of a Block policy in code view.

kind: Block
apiVersion: api.ibm.com/v1
metadata:
  name: "ipBlock-sample"
  version: '1.0'
  namespace: sample
spec:
  ip:
    denyList:
      - "192.168.0.1"
      - "10.0.0.5"
      - "172.16.254.3"
      - "8.8.8.8"
      - "203.0.113.42"
---
kind: Block
apiVersion: api.ibm.com/v1
metadata:
  name: "ipBlock-sample"
  version: '1.0'
  namespace: sample
spec:
  ip:
    allowList:
      - "192.168.0.1"
      - "10.0.0.5"
      - "172.16.254.3"
      - "8.8.8.8"
      - "203.0.113.42"
---
kind: Block
apiVersion: api.ibm.com/v1
metadata:
  name: "header-allow-list"
  version: '1.0'
  namespace: sample
spec:
  header:
    allowList:
      - name: "x-forwarded-for"
        value: "192.168.0.1" # Mandatory field but it can be empty string
      - name: "x-forwarded-for"
        value: "10.0.0.5" # Mandatory field but it can be empty string
---
apiVersion: api.ibm.com/v1
kind: Block
metadata:
  name: "header-deny-list"
  version: '1.0'
  namespace: sample
spec:
  header:
    denyList:
      - name: "x-forwarded-for"
        value: "192.168.0.1" # Mandatory field but it can be empty string
---
apiVersion: api.ibm.com/v1
kind: Block
metadata:
  name: "query-param-deny"
  version: '1.0'
  namespace: sample
spec:
  queryParam:
    denyList:
      - name: "query1"
        value: "value1" # Optional
      - name: "query2"
        value: "value2" # Optional
---
apiVersion: api.ibm.com/v1
kind: Block
metadata:
  name: "query-param-allow"
  version: '1.0'
  namespace: sample
spec:
  queryParam:
    allowList:
      - name: "query1"
        value: "value1" # Optional
---
apiVersion: api.ibm.com/v1
kind: Block
metadata:
  name: "cookie-deny-list"
  version: '1.0'
  namespace: sample
spec:
  cookie:
    denyList:
      - name: "cookie1"
        value: "value1" # Mandatory field but it can be empty string
      - name: "cookie2"
        value: "value2" # Mandatory field but it can be empty string
---
apiVersion: api.ibm.com/v1
kind: Block
metadata:
  name: "cookie-allow-list"
  version: '1.0'
  namespace: sample
spec:
  cookie:
    allowList:
      - name: "cookie1"
        value: "value1" # Mandatory field but it can be empty string
      - name: "cookie2"
        value: "value2" # Mandatory field but it can be empty string