Problem about rules for deny ips

I am trying to configure nginx rules where I allow access only to a
range of IPs but has a rewrite and does not allow this action anyone
have any idea how to configure these types of hits?

for example

    location /internal {
        root /var/www/folder/app/webroot;
        index index.php;
        if (-f $request_filename) {
            break;
        }
        error_page   500 502 503 504  @error_web;

        # Trigger 503 response on maintenance
        set $maintenance 0;
        if (-f /var/www/folder/.mant) {
            set $maintenance 1;
        }
        if ($remote_addr = 127.0.0.1) {
            set $mant 0;
        }
        if ($maintenance) {
            return 503;
       }
       if (!-f $request_filename) {
            rewrite ^/(.+)$ /index.php?url=$1 last;
            break;
       }
       allow xxx.xxx.xxx.0/24;
        deny all;
    }


Atte.
Pablo Ziga E
(+56 9) - 75195192
MSN && Gtalk: [email protected] | Skype: ed00m_