I think you need IPS/IDS in front of your nginx server :) Nginx can't capture packets, please read OSI layer.
CMIIW On Thursday, February 5, 2015, abhi2528 <[email protected]> wrote: > Hi All, > > We have an existing TCP/TLS based server application 'A' in production. > Around 10K users can connect to this application. We now have a requirement > as follows: > > 1). Intercept the traffic between Client and A > 2). 'Inspect' the packet for a certain logic > 3). If the packet matches, call a processing logic (THIS IS A BLOCKING > OPERATION AS UNFORTUNATELY THE PROCESSING REQUIRES SOME SORT OF HUMAN > INTERVENTION AND MAY TAKE BETWEEN 30 - 60 Seconds). The frequency for match > might be just 5-10% of traffic > 4). Based on the result of processing either send the packet as is to 'A' > or > modify the packet content and then send to 'A'. > > I understand that this is most definitely an ideal scenario as the blocking > operation is involved, but the requirements are pretty stringent. > > I just wanted to understand if Nginx can help me in this context. Does > Nginx > support such blocking operations? Basically the idea is that if one request > matches for the Blocking Operation processing, the other > parallel/concurrent > requests should not be BLOCKED(or wait). In layman terms a scenario where > every request has an independent thread and processing. > > Can anyone suggest a solution for this problem. > > Again I acknowledge that this might not be the best way forward but somehow > we are constrained. > > Looking forward to some great advice. > > Many Thanks, > Abhi > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,256463,256463#msg-256463 > > _______________________________________________ > nginx mailing list > [email protected] <javascript:;> > http://mailman.nginx.org/mailman/listinfo/nginx > -- Sent from iDewangga Device
_______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
