Nginx as a proxy with Blocking operations

NitrouZ root at
Thu Feb 5 11:31:14 UTC 2015

I think you need IPS/IDS in front of your nginx server :) Nginx can't
capture packets, please read OSI layer.


On Thursday, February 5, 2015, abhi2528 <nginx-forum at> wrote:

> Hi All,
> We have an existing TCP/TLS based server application 'A' in production.
> Around 10K users can connect to this application. We now have a requirement
> as follows:
> 1). Intercept the traffic between Client and A
> 2). 'Inspect' the packet for a certain logic
> 3). If the packet matches, call a processing logic (THIS IS A BLOCKING
> INTERVENTION AND MAY TAKE BETWEEN 30 - 60 Seconds). The frequency for match
> might be just 5-10% of traffic
> 4). Based on the result of processing either send the packet as is to 'A'
> or
> modify the packet content and then send to 'A'.
> I understand that this is most definitely an ideal scenario as the blocking
> operation is involved, but the requirements are pretty stringent.
> I just wanted to understand if Nginx can help me in this context. Does
> Nginx
> support such blocking operations? Basically the idea is that if one request
> matches for the Blocking Operation processing, the other
> parallel/concurrent
> requests should not be BLOCKED(or wait). In layman terms a scenario where
> every request has an independent thread and processing.
> Can anyone suggest a solution for this problem.
> Again I acknowledge that this might not be the best way forward but somehow
> we are constrained.
> Looking forward to some great advice.
> Many Thanks,
> Abhi
> Posted at Nginx Forum:
> _______________________________________________
> nginx mailing list
> nginx at <javascript:;>

Sent from iDewangga Device
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list