...
Code Block | ||
---|---|---|
| ||
<Location />
RewriteEngine On
RewriteCond expr "!(-R '127.0.0.0/8' || -R '10.0.0.0/8' || -R '172.16.0.0/12')"
RewriteCond expr "!(-R '129.97.0.0/16' || -R '192.168.0.0/16')"
# TODO: ipv6 rules
RewriteRule ^(.*) https://checkvpn.uwaterloo.ca/?callback=https://{{vars.server_name}}%{REQUEST_URI} [R]
...
</Location> |
...
Code Block |
---|
geo $is_local_uw_ip {
default no;
127.0.0.0/8 yes;
10.0.0.0/8 yes;
172.16.0.0/12 yes;
192.168.0.0/16 yes;
129.97.0.0/16 yes;
# TODO: test ipv6 mapping!.
2620:101:F000::/47;
2620:101:f000:700::/56;
fd74:6b6a:8eca:504::/64;
}
server {
...
location / {
if ($is_local_uw_ip = no) {
return 307 https://checkvpn.uwaterloo.ca/?callback=https://{{vars.server_name}}$request_uri;
# NOTE: nginx does not have a good way to encode_url for the callback
# SO: A request like .. ?callback=https://me.com/?x=1&y=2
# will drop y=2 from the callback!
}
}
} |
...