Mercurial > hg > nginx-site
comparison xml/en/docs/http/ngx_http_scgi_module.xml @ 2090:a9a9a052b5bd
Documented the "CAP_NET_RAW" capability for transparent proxying.
author | Yaroslav Zhuravlev <yar@nginx.com> |
---|---|
date | Tue, 26 Dec 2017 15:28:53 +0300 |
parents | fb5eef3637a4 |
children | d765ffffd08c |
comparison
equal
deleted
inserted
replaced
2089:70c1e798a5c2 | 2090:a9a9a052b5bd |
---|---|
8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> | 8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> |
9 | 9 |
10 <module name="Module ngx_http_scgi_module" | 10 <module name="Module ngx_http_scgi_module" |
11 link="/en/docs/http/ngx_http_scgi_module.html" | 11 link="/en/docs/http/ngx_http_scgi_module.html" |
12 lang="en" | 12 lang="en" |
13 rev="37"> | 13 rev="38"> |
14 | 14 |
15 <section id="summary"> | 15 <section id="summary"> |
16 | 16 |
17 <para> | 17 <para> |
18 The <literal>ngx_http_scgi_module</literal> module allows passing | 18 The <literal>ngx_http_scgi_module</literal> module allows passing |
65 for example, from a real IP address of a client: | 65 for example, from a real IP address of a client: |
66 <example> | 66 <example> |
67 scgi_bind $remote_addr transparent; | 67 scgi_bind $remote_addr transparent; |
68 </example> | 68 </example> |
69 In order for this parameter to work, | 69 In order for this parameter to work, |
70 it is necessary to run nginx worker processes with the | 70 it is usually necessary to run nginx worker processes with the |
71 <link doc="../ngx_core_module.xml" id="user">superuser</link> privileges | 71 <link doc="../ngx_core_module.xml" id="user">superuser</link> privileges. |
72 and configure kernel routing table | 72 On Linux it is not required (1.13.8) as if |
73 the <literal>transparent</literal> parameter is specified, worker processes | |
74 inherit the <literal>CAP_NET_RAW</literal> capability from the master process. | |
75 It is also necessary to configure kernel routing table | |
73 to intercept network traffic from the SCGI server. | 76 to intercept network traffic from the SCGI server. |
74 </para> | 77 </para> |
75 | 78 |
76 </directive> | 79 </directive> |
77 | 80 |