Guidance
指路人
g.yi.org
Guidance Forums / Rapid-Q Basic / Deny tcp session

Register 
注册
Search 搜索
首页 
Home Home
Software
Upload

  
Forum List • Thread List • Refresh • New Topic • Search • Previous • Next First 1 Last
Message1. Deny tcp session
#881
Posted by: Gerard 2003-05-02 18:23:22
Hi everyone,
Has some of you any experience with, how to send a deny i.s.o. accept a socket connection? To drop it, is more difficult. What I do now is; it accepts the connection, looks up in the IP acceptance table and if it exists, then continues. If it does not exist, it ends the tcp session. This is not a nice way to handle tcp sessions.
Hopefully does someone have a better solution?

Regards Gerard
Message2. Re: Deny tcp session
#885
Posted by: Gerard 2003-05-05 22:07:27
A quick question for Doctor Electron.

If I read your specs about Rsocket and if I understand it well, then I can use Raw sock to send a RST tcp package. Is this correct?

   |U|A|P|R|S|F|
   |R|C|S|S|Y|I|
   |G|K|H|T|N|N|
          ^
          |_____  This flag(bit) needs to be set in the TCP header.

This can be very handy if you want to stop a tcp session from an unwanted IP address.

Rgrds,

Gerard

Message3. Re: Deny tcp session
#889
Posted by: 2003-05-09 03:18:10
You are right, you can use a raw socket to send such a packet.  However, if you have accepted the connection; I am not sure what the result would be.  You would tell the other guy you have reset the connection.  But your program would still think a connection was established.
If you have Rsocket.inc in place, just do this when you want to close a connection.
Dim peer as RSocket, ret As LONG, cS As LONG
'you get the socket handle, cS,
'as described in code example in another post
'The following is a more "low-level" implementation of peer.Close(cS)
ret=shutdown(cS,2)  'tell the other guy we are "history"
ret=closesocket(cS)  'get rid of the socket
cS=0  'can be used as a flag that there is NO socket handle anymore.
Hope this helps.  Take care, doc
P.S. socket handles like cS are created with cS=Peer.S OR when a connection is accepted.  This latter case applies to your query.
Message4. Re: Deny tcp session
#897
Posted by: Gerard 2003-05-09 22:21:25
Thanks doctor electron,

What I read in the specs RFC 793, I should sent a |RST|ACK| to both (Source and destination). So they will both free there resources and the program should recognize that the connection has been lost (disconnected) and ready we are.
I'll try your suggestion.

P.S. This is the first serious forum I found about RapidQ.

Thanks again

Regards,

Gerard
Message5. Re: Deny tcp session
#900
Posted by: Gerard 2003-05-09 23:43:41
Sorry Doc,

I do not understand how to use the cS = Peer.S if I open a port for listening.
May be you can explain how to do that in RSocket.  What I understand is that you can use it only for Peer.connect blocking or non-blocking.
A suggestion for RSocket: Is it possible to create the option, for the listening mode to bind only to an IP or a number of IP's of your choice? Qsocket/open binds to all existing IP's on your machine. This option could be very handy if you develop applications that have the ability to relay data, i.e. smtp relay's, you can bind each of the application to another IP and still use port 25 for both applications. Testing is then still possible on a single machine

Regards again,

Gerard
Message6. Re: Deny tcp session
#902
Posted by: 2003-05-11 14:14:18
Gerard, with
Dim peer as Rsocket, cS As LONG
cS=Peer.S  'is the same as sC=socket(arg1,arg2,arg3)
1. Above is used to get socket handle for initiating connections (Client).
2. Code like the following sets up listening ports Port(n) each with an associated socket handle Sock(n).
nServers=n 
FOR n=1 to nServers
Sock(n) = Peer.Open(Port(n))
IF Sock(n)<=0 THEN ShowDat "Server Error, Port "+STR$(Port(n)): Goto ServerDone
ret = Peer.NonBlock(Sock(n))
NEXT n
THEN, when you check for connections, you do something like this and get the socket handle for a particular client once connected:
S=Sock(n)
IF Peer.ConnectionReady(S) <= 0 THEN Goto NextListenPort
cS=Peer.Accept(S): t$ = Peer.GetPeerName(cS)
SUMMARY: 1 and 2 above are methods to get socket handle cS for a connections.  Socket handle S is just for the statements above involved in accepting a connection.

About the ACK and RST stuff, that is what happens when you do the shutdown and socketclose I described previously.

About the binding, in GypsyProxy, it responds with the above code to all IPs associated with its host machine, ie, internet IP and LAN IP.  In fact,
the peer.open and peer.accept ARE the Qsocket routines since Rsocket does not change them.

You can run any number of clients and servers on the same machine using the IP address of 127.0.0.1 for the servers (two servers cannot listen on the same port, however).  This is what happens when you tell your browser to use GypsyProxy at 127.0.0.1 port 8080 or when you look up your own web site in the browser with http://127.0.0.1/
yours, doc
Message7. Re: Deny tcp session
#908
Posted by: Gerard 2003-05-12 19:01:45
Yes doc,
You confirmed my thoughts. cS=Peer.S can only be used in client applications for "outbound" initiates. The listening (server) Open statement does still reply with its &#8220;own&#8221; handle from RapidQ QSocket. So I can use the socket handle, the one I get from the Accept (S) to end the connection in your created (API call) Ret=Shutdown(cS,2), this will send a |RST|ACK| and next do the CloseSocket(cS) to free resources. I only did the CloseSocket stuff and saw that it did not free up the resources. After a period of time (time out) the sockets disappeared.
You are right about using the same port number, but if you can bind that particular port to an IP and another application or the same with the same port number to another IP, then from the OS point of view, you are free to do that. I did it ones with an e-mail gateway and an e-mail content scanner. I created on the same NIC two IP&#8217;s. The e-mail gateway was bound to the WAN IP and the content scanner to the second (LAN) IP, both using port 25. Mail came in on the WAN IP and relayed it to the content scanner with the LAN IP, excepting only from the WAN IP. Why? It was only for hiding the content scanner we were using from the outside world, no big deal.

Thanks again for answering these questions. (See also a question about the new Libraries you created.)

Regards,

Gerard
Message8. Re: Deny tcp session
#910
Posted by: 2003-05-13 10:49:47
Well, Gerard, you are now beyond what I have done?  How do you do it?  Bind a listening port to a particular interface (IP address).  There is the bind API in winsock, but I have never used it.  Now you teach me!
Message9. Re: Deny tcp session
#921
Posted by: Gerard 2003-05-14 03:45:53
Uhmm. I was talking about regular software you use in a professional environment. I did not make any of these applications. Both applic's had the option to bind to a specific IP. Even 127.0.0.1 (loop-back) was an option. Sorry Doc for the misunderstanding!
I'll take a look at the API call you mentioned. May be am I capable to get it work. I'll let you know.

Yours,

Gerard
Message10. Re: Deny tcp session
#934
Posted by: 2003-05-17 23:54:50
peer.S is used for connection. the peer.listen is used to get the socket handle for the listening por.  the peer.accept is used to get the socket handle for an incoming connection on the listening port.
Re binding to specific addresses, see the bind API in win23.hlp on that.
Message11. Re: Deny tcp session
#949
Posted by: Gerard 2003-05-19 04:19:52
B.t.w,  are you PCW  and did you get your degree?
I always thought that you had an electronic background (like I have). It is a perfect match and increases the pleasure of programming. I started with the Micro Professor (6502 based) and made a lot of electronic controls. Later on, the Commodore 64 came. That was really fun (Still the 6502 instruction set). Made a lot of control boards. Know I'm playing with Pentium machines and they are making me sometimes dizzy.
Well, enough talking for today. The real life starts tomorrow again. Local time is 22:17 and probably you are sleeping, zzzzzzz...

Greetings,

Gerard
Message12. Re: Deny tcp session
#955
Posted by: 2003-05-21 08:07:27
PCW?  I have a PhD and yes, I did earn it.  Please see about.html at NetCensus for more info.  Yes, I do electronics, also.
Message13. Re:Example bind port to IP
#968
Posted by: Gerard 2003-05-27 04:38:06
As promised, an example how to bind a port to an IP:


$OPTIMIZE ON
$APPTYPE GUI
$TYPECHECK ON
    
CONST AF_INET = 2
CONST SOCK_STREAM = 1
CONST IPPROTO_TCP = 6
CONST INADDR_LOCALHOST = &H7F000001 '127.0.0.1    

DECLARE FUNCTION BindAddr LIB "wsock32.dll" ALIAS "bind" (hsocket AS LONG, sockaddr AS LONG, _
                 saSize AS LONG) AS LONG
DECLARE FUNCTION htonl LIB "wsock32.dll" ALIAS "htonl" (hbo AS LONG) AS LONG
DECLARE FUNCTION htons LIB "wsock32.dll" ALIAS "htons" (hbo AS WORD) AS WORD
DECLARE FUNCTION inet_addr LIB "wsock32.dll" ALIAS "inet_addr" (dottedAdr AS STRING) AS LONG
DECLARE FUNCTION listen LIB "wsock32.dll" ALIAS "listen" (hsocket AS LONG, backlog AS LONG) AS LONG
DECLARE FUNCTION socket LIB "wsock32.dll" ALIAS "socket" (af AS LONG, stype AS LONG, protocol _
                 AS LONG) AS LONG

TYPE InetBindStruc
     SinFam AS SHORT
     SinPrt AS SHORT
     SinAddr AS LONG
     SinZero1 AS LONG
     SinZero2 AS LONG
END TYPE

DIM Sock AS INTEGER
DIM InetBindStr AS InetBindStruc
DIM Mem As QMEMORYSTREAM
DIM Rtn AS INTEGER

Sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)
' 16 bytes structure
InetBindStr.SinFam = AF_INET 'SIN_FAM
InetBindStr.SinPrt = htons(12345) 'SIN_PORT  Oops, port 12345 ?
InetBindStr.SinAddr = htonl(INADDR_LOCALHOST) 'SIN_ADDRESS
Mem.writeUDT(InetBindStr)
Rtn = BindAddr(Sock, mem.pointer, 16) 'Bind port to IP
Rtn = listen(Sock,1) 'Max_pending is 1
'No error checks done!


CREATE Dummy AS QFORM
    Caption = "Socket Bind Test"
    Width = 250
    Height = 150
    Center
    CREATE LABEL AS QLABEL
        Width = 150
        Top = 40
        Left = 5
        Caption = "This Example binds port: 12345 to IP: 127.0.0.1"
    END CREATE
END CREATE

Dummy.Showmodal


Yours,

Gerard
Forum List • Thread List • Refresh • New Topic • Search • Previous • Next First 1 Last
掌柜推荐
 
 
 
 
 
 
 
 
 
 
 
 
© Wed 2021-12-8  Guidance Laboratory Inc.
Email:webmaster1g.yi.org Hits:0