server {
listen 38090;
access_by_lua_block {
local require = require
local ipmatch = require("resty.ipmatcher")
local ip, err = ipmatch.new({
"192.168.10.100",
"172.0.0.0/8",
"127.0.0.1"
})
if not ip then
ngx.log(ngx.ERR, "new ipmatcher err: ", err)
end
-- 获取请求头
local h = ngx.req.get_headers()["addr"]
if not h then
ngx.log(ngx.ERR, "get request header is null!")
end
local exist, err = ip:match(h)
if exist then
ngx.log(ngx.ERR, "此IP在白名单内: 放行, ip: ", h)
else
ngx.log(ngx.ERR, "此IP不在白名单内: 拒绝, ip: ", h)
-- ngx.status = 403
return ngx.exit(403)
end
}
location / {
echo "success!";
}
}
