Python Twisted: restricting access by IP address?

When a connection is established, a factory's buildProtocol is called to create a new protocol instance to handle that connection. BuildProtocol is passed the address of the peer which established the connection and buildProtocol may return None to have the connection closed immediately So, for example, you can write a factory like this: from twisted.internet. Protocol import ServerFactory class LocalOnlyFactory(ServerFactory): def buildProtocol(self, addr): if addr.host == "127.0.0.1": return ServerFactory.

BuildProtocol(self, addr) return None And only local connections will be handled (but all connections will still be accepted initially since you must accept them to learn what the peer address is) You can apply this to the factory you're using to serve XML-RPC resources. Just subclass that factory and add logic like this (or you can do a wrapper instead of a subclass) iptables or some other platform firewall is also a good idea for some cases, though. With that approach, your process never even has to see the connection attempt.

When a connection is established, a factory's buildProtocol is called to create a new protocol instance to handle that connection. BuildProtocol is passed the address of the peer which established the connection and buildProtocol may return None to have the connection closed immediately. So, for example, you can write a factory like this: from twisted.internet.

Protocol import ServerFactory class LocalOnlyFactory(ServerFactory): def buildProtocol(self, addr): if addr.host == "127.0.0.1": return ServerFactory. BuildProtocol(self, addr) return None And only local connections will be handled (but all connections will still be accepted initially since you must accept them to learn what the peer address is). You can apply this to the factory you're using to serve XML-RPC resources.

Just subclass that factory and add logic like this (or you can do a wrapper instead of a subclass). Iptables or some other platform firewall is also a good idea for some cases, though. With that approach, your process never even has to see the connection attempt.

1 indeed that's the best place to apply the check. Thanks. – nosklo Aug 21 '09 at 13:48.

Okay, another answer is to get the ip address from the transport, inside any protocol: d = self.transport. GetHost () ; print d. Type, d.

Host, d. Port Then use the value to filter it in any way you want.

I'd use a firewall on windows, or iptables on linux.

Iptables are an option for locking out IPs, but I want to do some custom things like allowing certain methods for certain IPs. – sberry2A Aug 13 '09 at 22:42.

BuildProtocol is passed the address of the peer which established the connection and buildProtocol may return None to have the connection closed immediately. And only local connections will be handled (but all connections will still be accepted initially since you must accept them to learn what the peer address is). You can apply this to the factory you're using to serve XML-RPC resources.

Just subclass that factory and add logic like this (or you can do a wrapper instead of a subclass). Iptables or some other platform firewall is also a good idea for some cases, though. With that approach, your process never even has to see the connection attempt.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.

Related Questions

» About WebKnox
» Contact
» WebKnox Blog
» RSS
» Newsletter
» Twitter
» API
» API Showcase