On Tue, 21 Sep 2004 18:00:27 +0200, Eugene Coetzee <projects@reedflute.com> wrote:
[snip] If I "should not rely on transport" (I imagine this refers to IP spoofing) - what is the most reliable way of getting the client's IP address from inside an instance of http.Request ? I would also like to drop the illegal connection as quickly as possible - much sooner than http.Request.process() happens.
Indeed you do want to do it much sooner - I don't think you want to be modifying HTTP code to use TCP wrappers. I think you want to modify the protocol factory (Site, in the case of HTTP) to use TCP wrappers. buildProtocol takes an address argument. If the factory returns None, the connection is dropped before any bytes are read from it. You should be able to implement this as a factory wrapper, too, so that it is useable with any existing factory. See twisted.protocols.policies for examples of how to do this. Jp