Skip to content

New: Microsoft Sentinel TAXII integration is in technical preview.Read the integration guide

Pangolin Integration

This guide adds ELLIO EDL (External Dynamic List) protection to an existing Pangolin installation. Pangolin is a self-hosted platform that uses Traefik as its reverse proxy.

  • Existing Pangolin installation that’s working correctly
  • Bootstrap token from your custom EDL configured for “Traefik Middleware”
  • Access to modify Pangolin configuration files

Modify your Pangolin Traefik configuration to include the ELLIO plugin.

config/traefik/traefik_config.yml
# Your existing Pangolin Traefik configuration...
# ADD THIS: ELLIO Plugin Configuration
experimental:
plugins:
# Your existing Pangolin plugins...
ellio:
moduleName: "github.com/ELLIO-Technology/ELLIO-Traefik-Middleware-Plugin"
version: "v1.0.2"
config/traefik/dynamic_config.yml
http:
middlewares:
# Your existing Pangolin middlewares...
# ADD THIS: ELLIO EDL Middleware
ellio-edl:
plugin:
ellio:
bootstrapToken: "YOUR_ELLIO_BOOTSTRAP_TOKEN"
logLevel: "info"
ipStrategy: "direct" # Adjust based on your setup
# Optional: Add machine identifier
# machineId: "pangolin-production"
routers:
# HTTP to HTTPS redirect router
main-app-router-redirect:
rule: "Host(`pangolin.example.com`)"
service: next-service
entryPoints:
- web
middlewares:
- ellio-edl # Optionally protect Pangolin dashboard (even before redirect to HTTPS)
- redirect-to-https
# Next.js router (handles everything except API and WebSocket paths)
next-router:
rule: "Host(`pangolin.example.com`) && !PathPrefix(`/api/v1`)"
service: next-service
entryPoints:
- websecure
tls:
certResolver: letsencrypt
middlewares:
- ellio-edl # Optionally protect Pangolin dashboard
# API router (handles /api/v1 paths)
api-router:
rule: "Host(`pangolin.example.com`) && PathPrefix(`/api/v1`)"
service: api-service
entryPoints:
- websecure
tls:
certResolver: letsencrypt
middlewares:
- ellio-edl # Optionally protect Pangolin dashboard

Step 2: Apply the ELLIO middleware to services

Section titled “Step 2: Apply the ELLIO middleware to services”

Add the ELLIO middleware to the services you want to protect:

Global application via Pangolin config

config/config.yml
# Your existing Pangolin configuration...
traefik:
# Your existing Pangolin Traefik settings...
# ADD THIS: Apply ELLIO middleware to all services
additional_middlewares: ["ellio-edl@file"]

For services behind Cloudflare, also read Cloudflare Setup.

Terminal window
# Navigate to your Pangolin directory and restart Traefik
docker-compose restart traefik
# Check logs for successful plugin loading
docker-compose logs traefik | grep -i ellio

Test the setup by checking the Traefik logs and the ELLIO platform:

  1. Check plugin loading: Look for ELLIO initialization messages in Traefik logs
  2. Test access control: Add a test IP to your EDL and verify it gets blocked
  3. Monitor events: Check the ELLIO platform for blocked request events