<!-- This is the router filter ruleset.
     It allows for finegrained routing control.

     to, from - wildmat patterns
                absent attribute matches absence of attribute
                "*" matches any value of attribute
     what     - XPath like query
     redirect - send packet to given JID instead original recipient
     error    - none given means allow, if given means deny
                this is an XMPP RFC defined error condition
     log      - if set, the matched packets will be logged in router log

     Rules are matched in order of apperance. First match is efffective.
-->

<filter>
  <!-- first allow any routing without to or from - it's internal. -->
  <!--
  <rule/>
  <rule from="*"/>
  <rule to="*"/>
  -->

  <!-- create simple alias -->
  <!-- <rule from="*" to="god@example.org" redirect="admin@example.org"/> -->

  <!-- don't allow msn registrations, but... -->
  <!-- <rule from="dearhart@example.org" to="msn.example.org"/> -->
  <!-- <rule error="not-allowed" from="*" to="msn.example.org" what="iq/query?xmlns=jabber:iq:register" log="yes"/> -->

  <!-- this user should not talk with evil -->
  <!-- <rule error="not-allowed" from="user@example.org" to="*@evil.gov" what="message"/> -->

  <!-- I don't want evil to read my data -->
  <!-- <rule error="forbidden" from="*@evil.gov" to="admin@example.org" what="iq/vCard" log="on"/> -->

  <!-- and finally, let's blind the world with some exceptions -->
  <!--
  <rule from="*@goodguys.org" to="*" what="presence"/>
  <rule from="admin@example.org" to="*" what="presence"/>
  <rule error="not-acceptable" from="*" to="*" what="presence"/>
  -->

</filter>
<!--
  vim: syntax=xml
-->