Hi -
I have nginx servers behind an AWS ELB. Because web sockets are
leveraged, the ELB is configured as TCP load balancing with the proxy
protocol option set. The true IP address of the client is extracted as
variable $proxy_protocol_addr.

How would I configure nginx to allow/deny access based on the
$proxy_protocol_addr variable? I tried setting $X-Forwarded-For to
$proxy_protocol_addr with no luck. Below is snippets from the configuration.

http {
geoip_proxy 10.0.0.0/8;
geoip_proxy_recursive off;
geoip_country /usr/share/GeoIP/GeoIP.dat;
map $geoip_country_code $allowed_country {
default no;
US yes;
CA yes;
}
....
server {
listen 82 proxy_protocol;
location / {
set $X-Forwarded-For $proxy_protocol_addr;
if ($allowed_country = no) {
return 403;
}
....


Thanks,
Joe
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx