mirror of
https://github.com/processone/ejabberd.git
synced 2024-11-20 16:15:59 +01:00
Use new short access rules in config template
This commit is contained in:
parent
f1138baa80
commit
d1425f0d78
@ -466,76 +466,60 @@ acl:
|
|||||||
|
|
||||||
shaper_rules:
|
shaper_rules:
|
||||||
## Maximum number of simultaneous sessions allowed for a single user:
|
## Maximum number of simultaneous sessions allowed for a single user:
|
||||||
max_user_sessions:
|
max_user_sessions: 10
|
||||||
- 10:
|
|
||||||
- all
|
|
||||||
## Maximum number of offline messages that users can have:
|
## Maximum number of offline messages that users can have:
|
||||||
max_user_offline_messages:
|
max_user_offline_messages:
|
||||||
- 5000:
|
- 5000: admin
|
||||||
- acl: admin
|
- 100
|
||||||
- 100:
|
|
||||||
- all
|
|
||||||
## For C2S connections, all users except admins use the "normal" shaper
|
## For C2S connections, all users except admins use the "normal" shaper
|
||||||
c2s_shaper:
|
c2s_shaper:
|
||||||
- none:
|
- none: admin
|
||||||
- acl: admin
|
- normal
|
||||||
- normal:
|
|
||||||
- all
|
|
||||||
## All S2S connections use the "fast" shaper
|
## All S2S connections use the "fast" shaper
|
||||||
s2s_shaper:
|
s2s_shaper: fast
|
||||||
- fast:
|
|
||||||
- all
|
|
||||||
|
|
||||||
###. ============
|
###. ============
|
||||||
###' ACCESS RULES
|
###' ACCESS RULES
|
||||||
access_rules:
|
access_rules:
|
||||||
## This rule allows access only for local users:
|
## This rule allows access only for local users:
|
||||||
local:
|
local:
|
||||||
- allow:
|
- allow: local
|
||||||
- acl: local
|
|
||||||
## Only non-blocked users can use c2s connections:
|
## Only non-blocked users can use c2s connections:
|
||||||
c2s:
|
c2s:
|
||||||
- deny:
|
- deny: blocked
|
||||||
- acl: blocked
|
- allow
|
||||||
- allow:
|
|
||||||
- all
|
|
||||||
## Only admins can send announcement messages:
|
## Only admins can send announcement messages:
|
||||||
announce:
|
announce:
|
||||||
- allow:
|
- allow: admin
|
||||||
- acl: admin
|
|
||||||
## Only admins can use the configuration interface:
|
## Only admins can use the configuration interface:
|
||||||
configure:
|
configure:
|
||||||
- allow:
|
- allow: admin
|
||||||
- acl: admin
|
|
||||||
## Admins of this server are also admins of the MUC service:
|
## Admins of this server are also admins of the MUC service:
|
||||||
muc_admin:
|
muc_admin:
|
||||||
- allow:
|
- allow: admin
|
||||||
- acl: admin
|
|
||||||
## Only accounts of the local ejabberd server can create rooms:
|
## Only accounts of the local ejabberd server can create rooms:
|
||||||
muc_create:
|
muc_create:
|
||||||
- allow:
|
- allow: local
|
||||||
- acl: local
|
|
||||||
## All users are allowed to use the MUC service:
|
## All users are allowed to use the MUC service:
|
||||||
muc:
|
muc:
|
||||||
- allow:
|
- allow
|
||||||
- all
|
|
||||||
## Only accounts on the local ejabberd server can create Pubsub nodes:
|
## Only accounts on the local ejabberd server can create Pubsub nodes:
|
||||||
pubsub_createnode:
|
pubsub_createnode:
|
||||||
- allow:
|
- allow: local
|
||||||
- acl: local
|
|
||||||
## In-band registration allows registration of any possible username.
|
## In-band registration allows registration of any possible username.
|
||||||
## To disable in-band registration, replace 'allow' with 'deny'.
|
## To disable in-band registration, replace 'allow' with 'deny'.
|
||||||
register:
|
register:
|
||||||
- allow:
|
- allow
|
||||||
- all
|
|
||||||
## Only allow to register from localhost
|
## Only allow to register from localhost
|
||||||
trusted_network:
|
trusted_network:
|
||||||
- allow:
|
- allow: loopback
|
||||||
- acl: loopback
|
|
||||||
## Do not establish S2S connections with bad servers
|
## Do not establish S2S connections with bad servers
|
||||||
## s2s:
|
## s2s:
|
||||||
## bad_servers: deny
|
## - deny:
|
||||||
## all: allow
|
## - ip: "XXX.XXX.XXX.XXX/32"
|
||||||
|
## - deny:
|
||||||
|
## - ip: "XXX.XXX.XXX.XXX/32"
|
||||||
|
## - allow
|
||||||
|
|
||||||
## By default the frequency of account registrations from the same IP
|
## By default the frequency of account registrations from the same IP
|
||||||
## is limited to 1 account every 10 minutes. To disable, specify: infinity
|
## is limited to 1 account every 10 minutes. To disable, specify: infinity
|
||||||
@ -548,10 +532,10 @@ access_rules:
|
|||||||
## "localhost":
|
## "localhost":
|
||||||
## access:
|
## access:
|
||||||
## c2s:
|
## c2s:
|
||||||
## admin: allow
|
## - allow: admin
|
||||||
## all: deny
|
## - deny
|
||||||
## register:
|
## register:
|
||||||
## all: deny
|
## - deny
|
||||||
|
|
||||||
###. ================
|
###. ================
|
||||||
###' DEFAULT LANGUAGE
|
###' DEFAULT LANGUAGE
|
||||||
|
Loading…
Reference in New Issue
Block a user