No experts out there :) Ports, servers and interfaces.
Dar Scott
dsc at swcp.com
Thu Apr 22 18:31:06 EDT 2004
On Thursday, April 22, 2004, at 04:09 PM, David Bovill wrote:
> David Bovill wrote:
>
>> Been taking a look at the code Pierre (Hi...) posted for running Rev
>> as a server so it can accept messages from a CGI process written in a
>> language such as php....
>>
>> Using accept connections is there any way to restrict the connections
>> to come from localhost (ie a particular interface)?
>>
>> Should I use:
>>
>> open socket to "127.0.0.1:732" with message "newconnect"
>>
>> Rather than accept?
No. Revolution uses the sockets model of TCP/IP passive-open which
requires a wide open listener that spawns off connections. This is
done with accept.
You can close down the port from the outside with a local firewall.
Brian Yennie's suggestion is simple and clean. It is what I do for a
simple filter. Well, I'd parse out the ip address instead of using
peerAddress(), but I might be missing something; peerAddress() might be
just as fast.
If you are worried about DoS, then you might want to also shut down the
accept for a short period.
Dar Scott
More information about the use-livecode
mailing list