Hello, > On 9 Aug 2015, at 17:07, Cory Benfield <c...@lukasa.co.uk> wrote: > > >> On 8 Aug 2015, at 08:07, Chris Norman <chris.norm...@googlemail.com> wrote: >> >> Hi all, >> I am using Twisted to make a game server. I want to be able to ban IP >> addresses. Currently I check if the host is in a blacklist, and if it is, >> call abortConnection on the transport. It works fine, but I'm thinking there >> should be a better way, to actively refuse the connection in the first place? > > I am not aware of any hook in the BSD socket API that lets you refuse a > connection entirely. Generally, you put a socket into ‘listen’ mode > (indicating to the OS that you’ll accept new connections), and then you call > accept() to get the new connection. In fact, the OS will accept the > connection even before you call accept(): it’ll do it asynchronously, and you > will just get the FD for the connection. IIRC Windows has a winsock specific > thing that might do what you want, but that’s pretty platform specific and > probably doesn’t actually prevent the connection getting established anyway. > > If you really want to never allow the connection at all, you’ll probably want > to program iptables (or some other firewall if you aren’t on Linux) to do the > packet filtering for you. A combination of iptables and ipsets will get you a > high-performance IP address blacklist that will drop all packets before they > ever reach your application.
Thanks for that. I was sort of hoping for a Pythonic solution that doesn't rely on SubProcess ETC, particularly as I want this server to run on any OS you throw at it. Thanks for the idea though, I'll certainly use that if I get something that little Python can't handle. > > Cory > > > _______________________________________________ > Twisted-Python mailing list > Twisted-Python@twistedmatrix.com > http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python _______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
