Rules
Egern supports multiple types of rules that can be used to control the proxy behavior of network traffic and to block certain traffic.
Supported Rules
| Type | Name | Description |
|---|---|---|
| domain | Exact Domain Match | Matches the domain exactly |
| domain_keyword | Domain Keyword Match | Matches domains containing the input keyword |
| domain_suffix | Domain Suffix Match | Matches domains with the input suffix |
| domain_regex | Domain Regex Match | Matches domains using regular expressions |
| geoip | IP Country Code Match | Matches IP addresses based on country code |
| ip_cidr | IPv4 Range Match | Matches specified IPv4 address ranges |
| ip_cidr6 | IPv6 Range Match | Matches specified IPv6 address ranges |
| url_regex | URL Regex Match | Matches URLs using regular expressions |
| rule_set | Rule Set | Local or remote files |
| asn | ASN Rule | Matches ASN codes or organizations |
| default | Default Rule | Applied when other rules do not match |
- match: The value to match.
- policy: The policy name, which determines how the matched traffic should be handled—such as a proxy server, policy group, direct connection, or rejection. If this value is
DIRECT, the matched traffic will not use the proxy. If this value isREJECT, the matched traffic will be blocked. Note that the names of proxy servers and policy groups are applied here.
rules:
- domain:
match: www.google.com
policy: Proxy
- domain_keyword:
match: google
policy: Proxy
- domain_suffix:
match: google.com
policy: Proxy
- domain_regex:
match: google|gstatic|ytimg|youtube|ggpht
policy: Proxy
- geoip:
match: US
policy: Proxy
- ip_cidr:
match: 192.168.0.0/16
policy: DIRECT
- url_regex:
match: "https://www.google.com/"
policy: Proxy
- rule_set:
match: "./example.yaml"
policy: Proxy
- asn:
match: "1234"
policy: DIRECT
- default:
policy: DIRECT
In this example, we have set various types of rules. For instance, we use the domain rule to proxy traffic to www.google.com, the domain_keyword rule to proxy traffic to all domains containing google, and the geoip rule to proxy traffic from IP addresses in the United States, among others. The default rule is set to direct connection, meaning that when other rules do not match, traffic will connect directly without using the proxy.
Rule Sets
Rule sets can be local or remote files. They allow you to reuse or share rules across multiple configuration files.
| Type | Name |
|---|---|
| domain_set | Domain Set |
| domain_keyword_set | Domain Keyword Match Set |
| domain_suffix_set | Domain Suffix Match Set |
| domain_regex_set | Domain Regex Match Set |
| geoip_set | IP Country Code Match Set |
| ip_cidr_set | IPv4 Range Match Set |
| ip_cidr6_set | IPv6 Range Match Set |
| url_regex_set | URL Regex Match Set |
| asn_set | ASN Rule Set |
Rule Set Examples
domain_set:
- www.google.com
- www.youtube.com
domain_keyword_set:
- google
- youtube
domain_suffix_set:
- google.com
- youtube.com
domain_regex_set:
- google|gstatic|ytimg|youtube|ggpht
geoip_set:
- US
- UK
ip_cidr_set:
- 192.168.0.0/16
url_regex_set:
- "https://www.google.com/"
In this example, we have set values for each type of rule set. For instance, our domain_set includes www.google.com and www.youtube.com, meaning that when we reference this rule set, traffic to these domains will be matched. Similarly, our geoip_set includes US and UK, so when we reference this rule set, traffic from IP addresses in the United States and the United Kingdom will be matched.