Mercurial > hg > nginx-site

diff xml/en/docs/stream/ngx_stream_access_module.xml @ 1503:a9ffc9dd41e0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added the "ngx_stream_access_module" module.
author Yaroslav Zhuravlev <yar@nginx.com>
date Wed, 10 Jun 2015 14:02:58 +0300
parents xml/en/docs/http/ngx_http_access_module.xml@6316a7579448
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/xml/en/docs/stream/ngx_stream_access_module.xml	Wed Jun 10 14:02:58 2015 +0300
@@ -0,0 +1,92 @@
+<?xml version="1.0"?>
+
+<!--
+  Copyright (C) Igor Sysoev
+  Copyright (C) Nginx, Inc.
+  -->
+
+<!DOCTYPE module SYSTEM "../../../../dtd/module.dtd">
+
+<module name="Module ngx_stream_access_module"
+        link="/en/docs/stream/ngx_stream_access_module.html"
+        lang="en"
+        rev="1">
+
+<section id="summary">
+
+<para>
+The <literal>ngx_stream_access_module</literal> module (1.9.2) allows
+limiting access to certain client addresses.
+</para>
+
+</section>
+
+
+<section id="example" name="Example Configuration">
+
+<para>
+<example>
+server {
+    ...
+    deny  192.168.1.1;
+    allow 192.168.1.0/24;
+    allow 10.1.1.0/16;
+    allow 2001:0db8::/32;
+    deny  all;
+}
+</example>
+</para>
+
+<para>
+The rules are checked in sequence until the first match is found.
+In this example, access is allowed only for IPv4 networks
+<literal>10.1.1.0/16</literal> and <literal>192.168.1.0/24</literal>
+excluding the address <literal>192.168.1.1</literal>,
+and for IPv6 network <literal>2001:0db8::/32</literal>.
+</para>
+
+</section>
+
+
+<section id="directives" name="Directives">
+
+<directive name="allow">
+<syntax>
+    <value>address</value> |
+    <value>CIDR</value> |
+    <literal>unix:</literal> |
+    <literal>all</literal></syntax>
+<default/>
+<context>stream</context>
+<context>server</context>
+
+<para>
+Allows access for the specified network or address.
+If the special value <literal>unix:</literal> is specified,
+allows access for all UNIX-domain sockets.
+</para>
+
+</directive>
+
+
+<directive name="deny">
+<syntax>
+    <value>address</value> |
+    <value>CIDR</value> |
+    <literal>unix:</literal> |
+    <literal>all</literal></syntax>
+<default/>
+<context>stream</context>
+<context>server</context>
+
+<para>
+Denies access for the specified network or address.
+If the special value <literal>unix:</literal> is specified,
+denies access for all UNIX-domain sockets.
+</para>
+
+</directive>
+
+</section>
+
+</module>