Comments (1)
I think this should be a separate module, but maybe it's possible to implement it in proxysql_mysql_users
It is impossible to integrate it into proxysql_mysql_users
module imo.
I also think it must be result in three new modules. Everything else will be very complicated.
mysql_firewall_whitelist_rules
CREATE TABLE mysql_firewall_whitelist_rules (
active INT CHECK (active IN (0,1)) NOT NULL DEFAULT 1,
username VARCHAR NOT NULL,
client_address VARCHAR NOT NULL,
schemaname VARCHAR NOT NULL,
flagIN INT NOT NULL DEFAULT 0,
digest VARCHAR NOT NULL,
comment VARCHAR NOT NULL,
PRIMARY KEY (username, client_address, schemaname, flagIN, digest) )
mysql_firewall_whitelist_sqli_fingerprints
CREATE TABLE mysql_firewall_whitelist_sqli_fingerprints (
active INT CHECK (active IN (0,1)) NOT NULL DEFAULT 1,
fingerprint VARCHAR NOT NULL,
PRIMARY KEY (fingerprint) )
mysql_firewall_whitelist_users
CREATE TABLE mysql_firewall_whitelist_users (
active INT CHECK (active IN (0,1)) NOT NULL DEFAULT 1,
username VARCHAR NOT NULL,
client_address VARCHAR NOT NULL,
mode VARCHAR CHECK (mode IN ('OFF','DETECTING','PROTECTING')) NOT NULL DEFAULT ('OFF'),
comment VARCHAR NOT NULL,
PRIMARY KEY (username, client_address) )
What's your usecase?
I've tried firewalling a nextcloud application in the past. But it's nearly impossible.
This will only work properly if
- Your application consists only very few queries
- You've got unit- and integrationtests that 100% covers all needed and available queries, so you've got a realistic chance to collect all necessary queries.
- when you're using an ORM, the change that you reach 100% decreases massively
- You got a lot of man-power, time and perseverance.
@atimonin do you have some time to implement and contribute those modules?
from community.proxysql.
Related Issues (20)
- proxysql_query_rules_fast_routing module can not update existed rules HOT 3
- Release 1.5.0
- CI maintenance
- Support gtid_port in proxysql_backend_servers
- CI: add --changed to ansible-test command
- proxysql_manage_config unexpectedly modifies system state in check mode HOT 2
- Consider using true/false for all booleans in docs HOT 1
- use mysql_common_argument_spec and refactor AnsibleModule()
- refactor save_config_to_disk() and load_config_to_runtime() HOT 4
- ProxySQL community pinboard HOT 4
- proxysql_mysql_query_rules becomes incompatible with 1.4.x since 1.1.0 HOT 5
- Expand github action integration test that it also runs against proxysql 1.4.15 HOT 1
- proxysql_mysql_users is not able to handle hashed passwords HOT 4
- add support for PROXYSQL TLS RELOAD HOT 5
- Important information for collection maintainers
- Install role need some maintenance HOT 3
- Release 2.0.0 plan HOT 2
- mysql.py. suffix in _version may not be an integer value ==> error HOT 3
- Ansible Contributor Summit. Tuesday, April 12, 2022.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from community.proxysql.