On Wed, Oct 29, 2014 at 01:35:50PM -0500, Joe Rizzo wrote: Hi there,
> I have nginx servers behind an AWS ELB. Because web sockets are > leveraged, the ELB is configured as TCP load balancing with the proxy > protocol option set. The true IP address of the client is extracted as > variable $proxy_protocol_addr. > > How would I configure nginx to allow/deny access based on the > $proxy_protocol_addr variable? According to http://nginx.org/en/docs/http/ngx_http_geoip_module.html, the module uses the client IP address or something from the X-Forwarded-For header. I suspect that if you want to use a different variable, the simplest pure-config way would be to reverse proxy to another nginx server{}, including your variable in the X-Forwarded-For header, and do the normal processing (including the deny/allow that you want) there. f -- Francis Daly [email protected] _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
