allow IPv6/Mask

Igor Sysoev igor at sysoev.ru
Fri Nov 23 12:36:49 UTC 2012


On Nov 23, 2012, at 16:30 , Micha Glave wrote:

> My fault both 2. and 3. doesn't work. 
> 
> How is the correct notation?

allow 192.168.42.0/24;

nginx tests both IPv4 and IPv4 mapped to IPv6 addresses
with this single rule.


--
Igor Sysoev
http://nginx.com/support.html

> Micha
> 
> 
> 2012/11/23 Micha Glave <nginx at migmedia.de>
> Hi
> 
> I wan't to allow just the local-IPv4-Subnet. Something like this:
> 
> listen *:80;
> allow 192.168.42.0/24;
> deny all;
> 
> After switching to IPv6-Dual-Layer I tried this ...
> 
> listen [::]:80;
> allow ::ffff:192.168.42.0/120;
> deny all; 
> 
> 
> It doesn't work as expected. No one can see the page. 
> The following works: 
> 
> listen [::]:80;
> allow ::ffff:c0a8:2a00/120;
> deny all;
> 
> In my opinion there should be a warning at the second. But it fails silently.
> 
> Should I post a bug-report for this?
> 
> Micha 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20121123/aae64636/attachment.html>


More information about the nginx mailing list