ngx_lua实现CIDR的匹配 

server {
	listen 38090;

	access_by_lua_block {
		local require = require
		local ipmatch = require("resty.ipmatcher")

		local ip, err = ipmatch.new({
			"192.168.10.100",
			"172.0.0.0/8",
			"127.0.0.1"
		})

		if not ip then
			ngx.log(ngx.ERR, "new ipmatcher err: ", err)
		end

		-- 获取请求头
		local h = ngx.req.get_headers()["addr"]
		if not h then
			ngx.log(ngx.ERR, "get request header is null!")
		end

		local exist, err = ip:match(h)
		if exist then
			ngx.log(ngx.ERR, "此IP在白名单内: 放行, ip: ", h)
		else
			ngx.log(ngx.ERR, "此IP不在白名单内: 拒绝, ip: ", h)
			-- ngx.status = 403
			return ngx.exit(403)
		end

	}

	location / {
		echo "success!";
	}
}
posted @ 2022-09-15 15:09  白--茶  阅读(82)  评论(0编辑  收藏  举报