block ip/subnet at socket lvl

arleybls nginx-forum at
Wed Sep 7 14:41:31 UTC 2011

Currently Nginx can block IP on application level and thus send a 403
forbidden message back to the client.

I wonder if there's a way to block any request at the socket level,
preferably not even sending a FIN message to the client but simply
dropping the packet. Right now i'm using iptables but i'm really looking
to have such feature on nginx itself, and if not supported right on
current build, how could I have a hook to the socket and control it on a
home made server module/handler?


Posted at Nginx Forum:,214948,214948#msg-214948

More information about the nginx mailing list