Mercurial > hg > nginx-site
comparison xml/en/docs/stream/ngx_stream_access_module.xml @ 1503:a9ffc9dd41e0
Added the "ngx_stream_access_module" module.
author | Yaroslav Zhuravlev <yar@nginx.com> |
---|---|
date | Wed, 10 Jun 2015 14:02:58 +0300 |
parents | xml/en/docs/http/ngx_http_access_module.xml@6316a7579448 |
children |
comparison
equal
deleted
inserted
replaced
1502:b628e042a15e | 1503:a9ffc9dd41e0 |
---|---|
1 <?xml version="1.0"?> | |
2 | |
3 <!-- | |
4 Copyright (C) Igor Sysoev | |
5 Copyright (C) Nginx, Inc. | |
6 --> | |
7 | |
8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> | |
9 | |
10 <module name="Module ngx_stream_access_module" | |
11 link="/en/docs/stream/ngx_stream_access_module.html" | |
12 lang="en" | |
13 rev="1"> | |
14 | |
15 <section id="summary"> | |
16 | |
17 <para> | |
18 The <literal>ngx_stream_access_module</literal> module (1.9.2) allows | |
19 limiting access to certain client addresses. | |
20 </para> | |
21 | |
22 </section> | |
23 | |
24 | |
25 <section id="example" name="Example Configuration"> | |
26 | |
27 <para> | |
28 <example> | |
29 server { | |
30 ... | |
31 deny 192.168.1.1; | |
32 allow 192.168.1.0/24; | |
33 allow 10.1.1.0/16; | |
34 allow 2001:0db8::/32; | |
35 deny all; | |
36 } | |
37 </example> | |
38 </para> | |
39 | |
40 <para> | |
41 The rules are checked in sequence until the first match is found. | |
42 In this example, access is allowed only for IPv4 networks | |
43 <literal>10.1.1.0/16</literal> and <literal>192.168.1.0/24</literal> | |
44 excluding the address <literal>192.168.1.1</literal>, | |
45 and for IPv6 network <literal>2001:0db8::/32</literal>. | |
46 </para> | |
47 | |
48 </section> | |
49 | |
50 | |
51 <section id="directives" name="Directives"> | |
52 | |
53 <directive name="allow"> | |
54 <syntax> | |
55 <value>address</value> | | |
56 <value>CIDR</value> | | |
57 <literal>unix:</literal> | | |
58 <literal>all</literal></syntax> | |
59 <default/> | |
60 <context>stream</context> | |
61 <context>server</context> | |
62 | |
63 <para> | |
64 Allows access for the specified network or address. | |
65 If the special value <literal>unix:</literal> is specified, | |
66 allows access for all UNIX-domain sockets. | |
67 </para> | |
68 | |
69 </directive> | |
70 | |
71 | |
72 <directive name="deny"> | |
73 <syntax> | |
74 <value>address</value> | | |
75 <value>CIDR</value> | | |
76 <literal>unix:</literal> | | |
77 <literal>all</literal></syntax> | |
78 <default/> | |
79 <context>stream</context> | |
80 <context>server</context> | |
81 | |
82 <para> | |
83 Denies access for the specified network or address. | |
84 If the special value <literal>unix:</literal> is specified, | |
85 denies access for all UNIX-domain sockets. | |
86 </para> | |
87 | |
88 </directive> | |
89 | |
90 </section> | |
91 | |
92 </module> |