how to register the on_open callback on tcp accept of the websocket, before any ssl code execution?

[uniqss]

Sometimes our server will ban some IP address, it should be disconnected on first tcp accept, before any ssl or other code execution. So we need to register the uSockets on_open callback of the websocket.

[uniqss]

Just find the context then call us_socket_context_on_open. So how to get the context of the websocket's first tcp accept?

[ghost]

You should ban IP addresses using the kernel

[yasser-sobhy]

this is how it can be done using iptables https://making.pusher.com/per-ip-rate-limiting-with-iptables/

On Wed, Jan 1, 2020 at 3:20 PM alexhultman-2fa notifications@github.com wrote:

You should ban IP addresses using the kernel

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/uNetworking/uWebSockets/issues/981?email_source=notifications&email_token=ABLRXBH2VAFI7SYLYCZSC33Q3SKBFA5CNFSM4KB2TTL2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEH5FAWA#issuecomment-570052696, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABLRXBB6JLVMDU4T6HQ6H6DQ3SKBFANCNFSM4KB2TTLQ .

[uniqss]

@yasser-sobhy @alexhultman-2fa thanks very much for your kindly answer. It seemed not a good idea to block the ip at program-level on security level, because when the program get accept, many things already happened, from syn queue to accept queue and a callback. but we just need some program-level settings, not so efficient, just for usage. such as when our program is online for test, pre-publish, we just want our company's users to use, just config a xml or a json file. so can we get the client peer's ip address on websocket on_open callback? there are two parameters: void wss_on_open(uWS::WebSocket<true, true>* ws, uWS::HttpRequest* req)

[ghost]

You have to start reading the docs and using your IDE. You can't misuse the issue tracker as your personal free consultant. There's plenty of info available on this topic.