Skip to content

Rule Lists Use Cases#

This tutorial covers common use cases for Rule Lists in Peakhour.IO.

1. Create a Trusted IP List for Administrative Access#

Create an IP list named "admin_ips" with the following entries:

10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
203.0.113.42

Use this list in a firewall rule:

ip.src in $admin_ips

Configuration:

firewall.allow:
  reason: "Administrative access allowed"

2. Block Known Bad User Agents#

Create a text list named "bad_user_agents" with the following entries:

BadBot/1.0
MaliciousCrawler/2.1
SuspiciousClient/0.9

Use this list in a firewall rule:

http.user_agent in $bad_user_agents

Configuration:

firewall.deny:
  reason: "Suspicious user agent detected"

3. Rate Limit Requests from Non-Trusted ASNs#

Create an integer list named "trusted_asns" with the following entries:

13335
16509
14618

Use this list in a rate limiting configuration:

not (ip.geoip.asnum in $trusted_asns)

Configuration:

rate_limit.add_zone:
  zone: "untrusted_asn"
  key: 
    - type: "ip"
rate_limit.check_zone:
  zone: "untrusted_asn"
  action:
    type: "block"
    status_code: 429

These examples demonstrate how to use Rule Lists to create flexible and maintainable configurations in Peakhour.IO. For more information on creating and managing rule lists, see the Rule Lists documentation.