Path: blob/main/xml/en/docs/stream/ngx_stream_access_module.xml
1 views
<?xml version="1.0"?>12<!--3Copyright (C) Igor Sysoev4Copyright (C) Nginx, Inc.5-->67<!DOCTYPE module SYSTEM "../../../../dtd/module.dtd">89<module name="Module ngx_stream_access_module"10link="/en/docs/stream/ngx_stream_access_module.html"11lang="en"12rev="1">1314<section id="summary">1516<para>17The <literal>ngx_stream_access_module</literal> module (1.9.2) allows18limiting access to certain client addresses.19</para>2021</section>222324<section id="example" name="Example Configuration">2526<para>27<example>28server {29...30deny 192.168.1.1;31allow 192.168.1.0/24;32allow 10.1.1.0/16;33allow 2001:0db8::/32;34deny all;35}36</example>37</para>3839<para>40The rules are checked in sequence until the first match is found.41In this example, access is allowed only for IPv4 networks42<literal>10.1.1.0/16</literal> and <literal>192.168.1.0/24</literal>43excluding the address <literal>192.168.1.1</literal>,44and for IPv6 network <literal>2001:0db8::/32</literal>.45</para>4647</section>484950<section id="directives" name="Directives">5152<directive name="allow">53<syntax>54<value>address</value> |55<value>CIDR</value> |56<literal>unix:</literal> |57<literal>all</literal></syntax>58<default/>59<context>stream</context>60<context>server</context>6162<para>63Allows access for the specified network or address.64If the special value <literal>unix:</literal> is specified,65allows access for all UNIX-domain sockets.66</para>6768</directive>697071<directive name="deny">72<syntax>73<value>address</value> |74<value>CIDR</value> |75<literal>unix:</literal> |76<literal>all</literal></syntax>77<default/>78<context>stream</context>79<context>server</context>8081<para>82Denies access for the specified network or address.83If the special value <literal>unix:</literal> is specified,84denies access for all UNIX-domain sockets.85</para>8687</directive>8889</section>9091</module>929394