nginx tcp代理并限制ip访问

Nginx 从1.9.0开始发布ngx_stream_core_module模块,该模块支持tcp代理及负载均衡。

本文记录一下用nginx实现zk的代理并限制指定ip可以访问

配置文件

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;
   #geo $remote_addr $geo {
    #    default 1;
     #   include    conf.d/whitelist.conf;
    #}

    include /etc/nginx/conf.d/*.conf;
}


stream{

       #allow 127.0.0.1;
       #deny all; #也可以写在文件里,用include导入

    include    conf.d/whitelist.conf;

    upstream zk{
        hash $remote_addr consistent;
        server  127.0.0.1:2181 max_fails=3 fail_timeout=10s;  
    }
    server{
        listen 8182;
        proxy_connect_timeout 20s;
        proxy_timeout 5m;
        proxy_pass zk;
    }
}

 

上一篇:防抖节流笔记


下一篇:【前端】一网打尽──前端开发中的“节流”和“防抖”