Hello,
We are trying to start to use Cloudflare Firewall rules in order to filter some traffic. Generally, on other firewalls (network devices) we use the following logic:
- Block bad traffic
- Allow all required traffic
- Block any other traffic
But with Cloudflare Firewall we observed that rules cannot be duplicated:
config duplicates an already existing config (Code: 10102)
Our rules:
- (http.host eq "cf-test.domain.com") --> Bypass
- (http.host eq "cf-test.domain.com" and is_timed_hmac_valid_v0("my-secret-url-token", http.request.uri,30000, http.request.timestamp.sec,11)) --> Allow
- (http.host eq "cf-test.domain.com") --> Block
The issue is probably because rule 3 contains the same expression as rule 1. We can replace it with something like:
(http.host eq "cf-test.domain.com" and http.request.uri contains "/")
--> Block
And it works.
The question is the following:
Is this the rule, and we can't use the same expression for 2 rules? And is the only workaround to modify the second rule to contain some extra conditions?
Similar error on the forum
- Firewall rules-specify several conditions then block
- Using Terraform to manage firewall rules and filters
Documentation
Thank you!
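For testing the Allow rule above offline, here is an added example (not part of the original post and not Cloudflare's code) that signs and checks a URI in the shape `is_timed_hmac_valid_v0` is given in that rule. It assumes the documented layout of message, separator, timestamp, `-`, then a URL-encoded base64 HMAC-SHA256 over message plus timestamp; the separator `?signature=` (11 characters, matching the rule's last argument), the sample path and the parsing logic are assumptions.

```python
import base64
import hashlib
import hmac
import urllib.parse

SECRET = "my-secret-url-token"  # key literal from the rule in the post
SEPARATOR = "?signature="       # assumed separator; its length (11) matches the rule
TTL = 30000                     # ttl argument from the rule, in seconds


def _mac(secret: str, message: str, ts: int) -> bytes:
    """Base64 HMAC-SHA256 over message followed by the timestamp (assumed layout)."""
    digest = hmac.new(secret.encode(), f"{message}{ts}".encode(), hashlib.sha256)
    return base64.b64encode(digest.digest())


def sign_uri(path: str, now: int, secret: str = SECRET, separator: str = SEPARATOR) -> str:
    """Return path + separator + timestamp + '-' + URL-encoded MAC."""
    mac = urllib.parse.quote_plus(_mac(secret, path, now))
    return f"{path}{separator}{now}-{mac}"


def is_valid(uri: str, now: int, secret: str = SECRET, ttl: int = TTL,
             sep_len: int = len(SEPARATOR)) -> bool:
    """Local approximation of the rule's check: MAC matches and token not expired."""
    head, dash, mac_enc = uri.rpartition("-")
    if not dash:
        return False                      # no timestamp-MAC part at all
    i = len(head)
    while i > 0 and head[i - 1] in "0123456789":
        i -= 1                            # walk back over the timestamp digits
    ts_str = head[i:]
    if not ts_str or i < sep_len:
        return False
    message = head[:i - sep_len]          # drop the separator by length only
    ts = int(ts_str)
    given = urllib.parse.unquote(mac_enc).encode()
    # Constant-time comparison avoids leaking how many MAC bytes matched.
    return hmac.compare_digest(_mac(secret, message, ts), given) and now <= ts + ttl


if __name__ == "__main__":
    issued = 1700000000                   # constructed timestamp
    token = sign_uri("/files/report.pdf", issued)
    print(token, is_valid(token, issued + 60))
```

A request without a valid token fails this check, so under the rules in the post it would only be stopped if the final Block rule is actually reached.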