Mercurial > hg > nginx-site

diff xml/cn/docs/http/ngx_http_realip_module.xml @ 792:ceb8a4e374b7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Updated the Chinese documentation.
author Ruslan Ermilov <ru@nginx.com>
date Tue, 25 Dec 2012 06:34:37 +0000
parents
children
line wrap: on
line diff
new file mode 100644
--- /dev/null
+++ b/xml/cn/docs/http/ngx_http_realip_module.xml
@@ -0,0 +1,112 @@
+<?xml version="1.0"?>
+
+<!--
+  Copyright (C) Igor Sysoev
+  Copyright (C) Nginx, Inc.
+  -->
+
+<!DOCTYPE module SYSTEM "../../../../dtd/module.dtd">
+
+<module name="Module ngx_http_realip_module"
+        link="/en/docs/http/ngx_http_realip_module.html"
+        lang="en"
+        rev="1">
+
+<section id="summary">
+
+<para>
+The <literal>ngx_http_realip_module</literal> module allows
+to change the client address to the one sent in the specified header field.
+</para>
+
+<para>
+This module is not built by default, it should be enabled with the
+<literal>--with-http_realip_module</literal>
+configuration parameter.
+</para>
+
+</section>
+
+
+<section id="example" name="Example Configuration">
+
+<para>
+<example>
+set_real_ip_from  192.168.1.0/24;
+set_real_ip_from  192.168.2.1;
+set_real_ip_from  2001:0db8::/32;
+real_ip_header    X-Forwarded-For;
+real_ip_recursive on;
+</example>
+</para>
+
+</section>
+
+
+<section id="directives" name="Directives">
+
+<directive name="set_real_ip_from">
+<syntax>
+    <value>address</value> |
+    <value>CIDR</value> |
+    <literal>unix:</literal></syntax>
+<default/>
+<context>http</context>
+<context>server</context>
+<context>location</context>
+
+<para>
+Defines trusted addresses that are known to send correct
+replacement addresses.
+If the special value <literal>unix:</literal> is specified,
+all UNIX-domain sockets will be trusted.
+<note>
+IPv6 addresses are supported starting from versions 1.3.0 and 1.2.1.
+</note>
+</para>
+
+</directive>
+
+
+<directive name="real_ip_header">
+<syntax>
+    <value>field</value> |
+    <literal>X-Real-IP</literal> |
+    <literal>X-Forwarded-For</literal></syntax>
+<default>X-Real-IP</default>
+<context>http</context>
+<context>server</context>
+<context>location</context>
+
+<para>
+Defines a request header field used to send
+the address for a replacement.
+</para>
+
+</directive>
+
+
+<directive name="real_ip_recursive">
+<syntax><literal>on</literal> | <literal>off</literal></syntax>
+<default>off</default>
+<context>http</context>
+<context>server</context>
+<context>location</context>
+<appeared-in>1.3.0</appeared-in>
+<appeared-in>1.2.1</appeared-in>
+
+<para>
+If recursive search is disabled, an original client address that
+matches one of the trusted addresses is replaced by the last
+address sent in the request header field defined by the
+<link id="real_ip_header"/> directive.
+If recursive search is enabled, an original client address that
+matches one of the trusted addresses is replaced by the last
+non-trusted address sent in the request header field.
+</para>
+
+</directive>
+
+</section>
+
+</module>