--- a/mod_firewall/README.markdown Sun Jan 31 12:38:51 2016 +0100
+++ b/mod_firewall/README.markdown Mon Feb 01 20:24:51 2016 +0000
@@ -184,6 +184,16 @@
its own, and does **not** match 'user@example.com'. To perform domain
whitelists or blacklists, use Zones.
+ Condition Matches
+ ----------- -------------------------------------------------------
+ `FROM_EXACTLY` The JID in the 'from' attribute exactly matches the given JID
+ `TO_EXACTLY` The JID in the 'to' attribute exactly matches the given JID
+
+These additional conditions do not support pattern matching, but are
+useful to match the exact to/from address on a stanza. For example, if
+no resource is specified then only bare JIDs will be matched. TO and FROM
+match all resources if no resource is specified to match.
+
**Note:** Some chains execute before Prosody has performed any
normalisation or validity checks on the to/from JIDs on an incoming
stanza. It is not advisable to perform access control or similar rules
--- a/mod_firewall/conditions.lib.lua Sun Jan 31 12:38:51 2016 +0100
+++ b/mod_firewall/conditions.lib.lua Mon Feb 01 20:24:51 2016 +0000
@@ -58,6 +58,14 @@
return compile_jid_match("from", from), { "split_from" };
end
+function condition_handlers.FROM_EXACTLY(from)
+ return ("from == %q"):format(from), { "from" };
+end
+
+function condition_handlers.TO_EXACTLY(to)
+ return ("to == %q"):format(to), { "to" };
+end
+
function condition_handlers.TYPE(type)
return compile_comparison_list("(type or (name == 'message' and 'normal') or (name == 'presence' and 'available'))", type), { "type", "name" };
end