Hi, Thanks for the quick response! I would like to implement this feature and submit the patch for review. Just want some quick clarifications: Once there is support for unix domain sockets, should "deny all" limit them too ? (I suppose yes?) Also "deny unix:" should limit connections that come through all unix domain sockets ?
Thank you. 2013/5/22 Maxim Dounin <mdou...@mdounin.ru> > Hello! > > On Tue, May 21, 2013 at 10:27:21PM +0300, Sorin Manole wrote: > > > Hi all, > > > > It seems that when using HttpAccessModule directives to deny requests, > they > > don't seem to work if the server is listening on a unix domain socket. > Even > > when using deny all. > > Can someone confirm and it's not just me making some stupid mistake ? > > Yes, access module allow/deny directives currently only able to > limit ipv4 and ipv6 addresses. > > > Now if that is the case, would it be a good idea to add this > functionality > > to the module ? Maybe add a new parameter like "deny unix" or something ? > > Or was this left out on purpose for a reason or another ? > > It probably should be expanded to support "unix:" special address > like set_real_ip_from does (see http://nginx.org/r/set_real_ip_from). > > -- > Maxim Dounin > http://nginx.org/en/donation.html > > _______________________________________________ > nginx-devel mailing list > nginx-devel@nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx-devel >
_______________________________________________ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel
