Hello! On Wed, May 22, 2013 at 10:17:22PM +0300, Sorin Manole wrote:
> Hi, > > Thanks for the quick response! I would like to implement this feature and > submit the patch for review. > Just want some quick clarifications: > Once there is support for unix domain sockets, should "deny all" limit them > too ? (I suppose yes?) Yes. > Also "deny unix:" should limit connections that come through all unix > domain sockets ? Yes. > > Thank you. > > > 2013/5/22 Maxim Dounin <[email protected]> > > > Hello! > > > > On Tue, May 21, 2013 at 10:27:21PM +0300, Sorin Manole wrote: > > > > > Hi all, > > > > > > It seems that when using HttpAccessModule directives to deny requests, > > they > > > don't seem to work if the server is listening on a unix domain socket. > > Even > > > when using deny all. > > > Can someone confirm and it's not just me making some stupid mistake ? > > > > Yes, access module allow/deny directives currently only able to > > limit ipv4 and ipv6 addresses. > > > > > Now if that is the case, would it be a good idea to add this > > functionality > > > to the module ? Maybe add a new parameter like "deny unix" or something ? > > > Or was this left out on purpose for a reason or another ? > > > > It probably should be expanded to support "unix:" special address > > like set_real_ip_from does (see http://nginx.org/r/set_real_ip_from). > > > > -- > > Maxim Dounin > > http://nginx.org/en/donation.html > > > > _______________________________________________ > > nginx-devel mailing list > > [email protected] > > http://mailman.nginx.org/mailman/listinfo/nginx-devel > > > _______________________________________________ > nginx-devel mailing list > [email protected] > http://mailman.nginx.org/mailman/listinfo/nginx-devel -- Maxim Dounin http://nginx.org/en/donation.html _______________________________________________ nginx-devel mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx-devel
