Block
Stops processing and returns a configured response.
Use the Block policy to stop the assembly and return a predefined response when a request must be rejected based on conditions you define.
For more information on the policy parameter descriptions, see DataPower Nano Gateway documentation.
Example of a Block policy in code view.
kind: Block
apiVersion: api.ibm.com/v1
metadata:
name: "ipBlock-sample"
version: '1.0'
namespace: sample
spec:
ip:
denyList:
- "192.168.0.1"
- "10.0.0.5"
- "172.16.254.3"
- "8.8.8.8"
- "203.0.113.42"
---
kind: Block
apiVersion: api.ibm.com/v1
metadata:
name: "ipBlock-sample"
version: '1.0'
namespace: sample
spec:
ip:
allowList:
- "192.168.0.1"
- "10.0.0.5"
- "172.16.254.3"
- "8.8.8.8"
- "203.0.113.42"
---
kind: Block
apiVersion: api.ibm.com/v1
metadata:
name: "header-allow-list"
version: '1.0'
namespace: sample
spec:
header:
allowList:
- name: "x-forwarded-for"
value: "192.168.0.1" # Mandatory field but it can be empty string
- name: "x-forwarded-for"
value: "10.0.0.5" # Mandatory field but it can be empty string
---
apiVersion: api.ibm.com/v1
kind: Block
metadata:
name: "header-deny-list"
version: '1.0'
namespace: sample
spec:
header:
denyList:
- name: "x-forwarded-for"
value: "192.168.0.1" # Mandatory field but it can be empty string
---
apiVersion: api.ibm.com/v1
kind: Block
metadata:
name: "query-param-deny"
version: '1.0'
namespace: sample
spec:
queryParam:
denyList:
- name: "query1"
value: "value1" # Optional
- name: "query2"
value: "value2" # Optional
---
apiVersion: api.ibm.com/v1
kind: Block
metadata:
name: "query-param-allow"
version: '1.0'
namespace: sample
spec:
queryParam:
allowList:
- name: "query1"
value: "value1" # Optional
---
apiVersion: api.ibm.com/v1
kind: Block
metadata:
name: "cookie-deny-list"
version: '1.0'
namespace: sample
spec:
cookie:
denyList:
- name: "cookie1"
value: "value1" # Mandatory field but it can be empty string
- name: "cookie2"
value: "value2" # Mandatory field but it can be empty string
---
apiVersion: api.ibm.com/v1
kind: Block
metadata:
name: "cookie-allow-list"
version: '1.0'
namespace: sample
spec:
cookie:
allowList:
- name: "cookie1"
value: "value1" # Mandatory field but it can be empty string
- name: "cookie2"
value: "value2" # Mandatory field but it can be empty string