Неправильная работа ngx_http_access_module ?

[Vladislav V. Prodan]

Почему не выдается access forbidden by rule для ip из 41.0.0.0/8 ?
Если их явно запретили к обслуживанию вообще?


# tail -f access.log  | grep '"-" 400'
41.237.40.223 - - [18/Oct/2011:00:30:41 +0400] "-" 400 0 "-" "-"
41.199.46.203 - - [18/Oct/2011:00:30:41 +0400] "-" 400 0 "-" "-"
41.237.40.223 - - [18/Oct/2011:00:30:46 +0400] "-" 400 0 "-" "-"



server {
<------>listen   80;
<------>server_name  11.11.11.130;
        include blocklist.conf;
....
location / {

-- 

# cat /etc/nginx/blocklist.conf
deny 88.87.64.0/19;
deny 188.187.0.0/17;
deny 188.233.0.0/17;
deny 188.233.128.0/18;
deny 188.233.192.0/19;

## 400 error
deny 200.163.0.0/16;
deny 109.92.0.0/15;
deny 115.167.116.0/22;
deny 182.177.128.0/17;
deny 39.41.0.0/16;
deny 119.152.144.0/22;
deny 201.75.0.0/17;
deny 94.249.0.0/17;
deny 177.0.0.0/14;
deny 41.0.0.0/8;
^^^^^^^^^^^^^^^

# nginx -V
nginx: nginx version: nginx/1.0.8
nginx: TLS SNI support enabled
nginx: configure arguments: --prefix=/etc/nginx/
--sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid
--lock-path=/var/run/nginx.lock
--http-client-body-temp-path=/var/cache/nginx/client_temp
--http-proxy-temp-path=/var/cache/nginx/proxy_temp
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp
--http-uwsgi-temp-path=/var/cache/nginx/uwcgi_temp
--http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx
--group=nginx --with-http_ssl_module --with-http_realip_module
--with-http_addition_module --with-http_sub_module
--with-http_dav_module --with-http_flv_module --with-http_mp4_module
--with-http_gzip_static_module --with-http_random_index_module
--with-http_secure_link_module --with-http_stub_status_module
--with-mail --with-mail_ssl_module --with-file-aio --with-ipv6


Vladislav V. Prodan
VVP24-UANIC
+380[67]4584408
+380[99]4060508
xmpp:vlad11 на jabber.ru