0

Is it possible to check the IP of the remote host on the server/acceptor side before accepting the connection?

The reason behind it: I have n clients regularly trying to connect to a server, and I do not want to constantly have n open connections. Instead I would like to be able to choose which clients I want to connect with and only accept these connections when I need them.

Unfortunately, the connect needs to be initiated from the client, so in a reverse kind of way, due to firewall and policies.

Is this even possible from a TCP perspective and how can this be done in asio?

Tanner Sansbury
  • 51,153
  • 9
  • 112
  • 169
user66875
  • 2,772
  • 3
  • 29
  • 55
  • 1
    Clients initiating connections sounds like the normal way connections are made. As for your problem, there no standard way to "peek" at incoming connection is the queue, only once you have accepted the connection can you get its address. And it's also the only standard way to dismiss connections, you can't "close" connections in the incoming queue. – Some programmer dude Feb 29 '16 at 13:51
  • Ah ok thank you, then I need to think of another way to do that. – user66875 Feb 29 '16 at 13:53
  • @user66875 Probably not. You can just accept the connection, get the remote IP address (see [here](http://stackoverflow.com/questions/601763/how-to-get-ip-addresss-of-boostasioiptcpsocket) ) and close that connection if you don't like that client. – nos Feb 29 '16 at 14:12

1 Answers1

0

There are two approach:

  1. You accept the connection and get peer address, check and close it. You can also take the opportunity to tell the client that server is busy. This however on the cons side might open up attack vector for massive connection request.

  2. You modify the firewall in run time, using something like fail2ban.

By the way, what make you not willing to hold N open connection? Modern system can handle hundreds of thousand, even millions of connection without issue.

Non-maskable Interrupt
  • 3,841
  • 1
  • 19
  • 26
  • Thank you, I will try implementing 1). I wasn't aware that opening so many connections wont be a problem performance wise – user66875 Feb 29 '16 at 14:11