socketServer的问题
我已经编写了一个python socketServer程序,我有几个问题
我希望该组能够回答...这是一个简单版本的
服务器:
class tr_handler(SocketServer.StreamRequestHandler):
def handle(self):
data = self.rfile.readline(300)
data = str.strip(data)
bytes = str(len(data))
public_ip = self.client_address [0]
serv_date = time.strftime(''%Y-%m-%d'',time.localtime() )
serv_time = time.strftime(''%H:%M:%S'',time.localtime())
#注意' '数据;来自客户端。
fp = file(''/ home / rbt / Desktop / tr_report.txt'',''a'')
fp.write( data +" \t" + serv_date +" \t" + serv_time +" \t" + p ublic_ip +" \t" + bytes +" \\\
")
fp.close()
if __name __ ==''__ main__'':
server = SocketServer.TCPServer(('''' ,55503),tr_handler)
server.serve_forever()
------------------- --------------------
1.我是否需要使用线程来处理请求,如果是这样,我将如何合并它们?
客户端轻巧快速,不会发送超过270个字节的数据,也不会一次连接超过10秒的
。目前有500个客户,可能会有几千美元......当前版本的规模有多高?
2.什么是处理服务器异常的正确方法(服务器停止,无法在启动时运行等)?
3.如何防止人们篡改服务器?客户端将数据字符串发送到
服务器。所有字符串都以x开头,以y结尾,中间有z。需要x在前面和后面的y和后面的y和z在中间的某个地方足以让人们离开吗?我愿意接受
的建议。
谢谢!
rbt
>
I have written a python socketServer program and I have a few questions
that I hope the group can answer... here is a simple version of the
server:
class tr_handler(SocketServer.StreamRequestHandler):
def handle(self):
data = self.rfile.readline(300)
data = str.strip(data)
bytes = str(len(data))
public_ip = self.client_address[0]
serv_date = time.strftime(''%Y-%m-%d'', time.localtime())
serv_time = time.strftime(''%H:%M:%S'', time.localtime())
# Note that ''data; comes from the client.
fp = file(''/home/rbt/Desktop/tr_report.txt'', ''a'')
fp.write(data+"\t"+serv_date+"\t"+serv_time+"\t"+p ublic_ip+"\t"+bytes+"\n")
fp.close()
if __name__==''__main__'':
server = SocketServer.TCPServer( ('''', 55503), tr_handler)
server.serve_forever()
---------------------------------------
1. Do I need to use threads to handle requests, if so, how would I incorporate them?
The clients are light and fast never sending more than 270 bytes of data and never connecting
for more than 10 seconds at a time. There are currently 500 clients and potentially there could be
a few thousand... how high does the current version scale?
2. What''s the proper way to handle server exceptions (server stops, fails to run at boot, etc.)?
3. How do I keep people from tampering with the server? The clients send strings of data to the
server. All the strings start with x and end with y and have z in the middle. Is requiring x at
the front and y at the back and z someplace in the middle enough to keep people out? I''m open to
suggestions.
Thanks!
rbt
rbt< rb*@athop1.ath.vt.edu>写道:
rbt <rb*@athop1.ath.vt.edu> writes:
1.我是否需要使用线程来处理请求,如果是这样,我将如何合并它们?客户端轻巧快速,不会发送超过270字节的数据,也不会连接超过10秒钟。目前有500个客户,可能还有几千个......当前版本的规模有多高?
现在写的方式,服务器读取一个请求,将一些东西写入日志,然后关闭连接。它不能同时处理多个请求,但是这没关系,没有连接保持
打开很长时间。如果你想要有更长时间运行的连接
同时打开,你需要某种类型的并发,比如线程。
但是你必须以不同的方式编写代码来序列化
日志记录。
您可能应该获得Python Cookbook的副本。这解释了多线程编程的基本原理,如果你不得不问这样的问题。
2.处理服务器异常的正确方法是什么(服务器停止,
无法在启动时运行等)?
3.如何防止人们篡改服务器?客户端将数据字符串发送到服务器。所有的字符串都以x开头,
以y结尾,z在中间。是需要前面的x和后面的z和中间的某个地方足以让人们退出吗?我愿意接受一些建议。
1. Do I need to use threads to handle requests, if so, how would I
incorporate them? The clients are light and fast never sending more
than 270 bytes of data and never connecting for more than 10 seconds
at a time. There are currently 500 clients and potentially there
could be a few thousand... how high does the current version scale?
The way it''s written now, the server reads a single request, writes
some stuff to the log, and closes the connection. It can''t handle
multiple requests simultaneously, but that''s ok, no connection stays
open for very long. If you want to have longer-running connections
open simultaneously, you need some type of concurrency such as threads.
But then you have to write the code differently, to serialize the
log recording.
You probably should get a copy of "Python Cookbook" which explains the
basics of multi-threaded programming, if you have to ask a question like that. 2. What''s the proper way to handle server exceptions (server stops,
fails to run at boot, etc.)? 3. How do I keep people from tampering with the server? The clients
send strings of data to the server. All the strings start with x and
end with y and have z in the middle. Is requiring x at the front and
y at the back and z someplace in the middle enough to keep people
out? I''m open to suggestions.
如果他们不知道使用那个x..y..z模式,它只能让他们出局
,甚至可能不是。获取安全工程的副本通过
罗斯安德森了解你正在处理的事情,特别是如果你的服务器控制了一些有价值的东西,那么就是b $ b。
It only keeps them out if they don''t know to use that x..y..z pattern
and maybe not even then. Get a copy of "Security Engineering" by
Ross Anderson to have an idea of what you''re dealing with, especially
if your server controls something valuable.
Paul Rubin写道:
Paul Rubin wrote:
rbt< rb*@athop1.ath.vt.edu>写道:
rbt <rb*@athop1.ath.vt.edu> writes:
1。我是否需要使用线程来处理请求,如果是这样,我将如何合并它们?客户端轻巧快速,不会发送超过270字节的数据,也不会连接超过10秒钟。目前有500个客户,可能还有几千......当前版本的规模有多高?
1. Do I need to use threads to handle requests, if so, how would I
incorporate them? The clients are light and fast never sending more
than 270 bytes of data and never connecting for more than 10 seconds
at a time. There are currently 500 clients and potentially there
could be a few thousand... how high does the current version scale?
打开很长时间。如果你想让更长时间运行的连接同时打开,你需要某种类型的并发,比如线程。
但是你必须以不同的方式编写代码,以序列化
日志记录。
您可能应该获得Python Cookbook的副本。这解释了多线程编程的基础知识,如果你不得不问一个问题
open for very long. If you want to have longer-running connections
open simultaneously, you need some type of concurrency such as threads.
But then you have to write the code differently, to serialize the
log recording.
You probably should get a copy of "Python Cookbook" which explains the
basics of multi-threaded programming, if you have to ask a question
或者看一看做非非线程的非线程方法阻止IO;我已经b / b
亲自使用Twisted库并且它们工作得很好而没有
手动线程开销[实际上,默认的reactor使用select,并且
''使用民意调查的'nix系统'的版本。
无论哪种方式都有效,它只取决于你想要的深度
将网络功能集成到代码中。正如其他人所说的那样
(转述,为偷窃报价而道歉;谷歌搜索不是b $ b b b),你不能使用扭曲,你提供Twisted回调
来使用你。
Or take a look at non-threaded ways of doing non-blocking IO; I''ve
personally used the Twisted libraries and they work decently without
manual thread overhead [indeed, the default reactor uses select, and
there''s a version for ''nix systems that uses poll].
Either way will work, it just depends on how deeply you want to
integrate the network functionality into the code. As someone else said
(paraphrased, an apologies for stealing the quote; a Google search isn''t
bringing it up), "You don''t use Twisted, you provide Twisted callbacks
to use you."
周五,2005-10-07 09:17-0700, Paul Rubinhttp:写道:
On Fri, 2005-10-07 at 09:17 -0700, Paul Rubinhttp: wrote:
3.如何防止人们篡改服务器?客户端将数据字符串发送到服务器。所有的字符串都以x开头,
以y结尾,z在中间。是需要前面的x和后面的z和中间的某个地方足以让人们退出吗?我愿意接受建议。
3. How do I keep people from tampering with the server? The clients
send strings of data to the server. All the strings start with x and
end with y and have z in the middle. Is requiring x at the front and
y at the back and z someplace in the middle enough to keep people
out? I''m open to suggestions.
如果他们不知道使用那个x..y..z模式
而且可能没有即使这样。获取安全工程的副本通过
罗斯安德森了解你正在处理什么,尤其是
如果你的服务器控制了一些有价值的东西。
It only keeps them out if they don''t know to use that x..y..z pattern
and maybe not even then. Get a copy of "Security Engineering" by
Ross Anderson to have an idea of what you''re dealing with, especially
if your server controls something valuable.
服务器只记录数据,没有别的。它不是私密的或重要的
数据......只是sys admin类型的东西(ip,mac addy等)。我只是不想要b $ b想要一些脚本小子发现它并试图破解它。通过
这样,他们会用废话填满日志。所以,如果数据不包含x,
y和z,如果数据太大或太小,我会将其记录到
''篡改记录并告诉leet黑客''走开''。
The server just logs data, nothing else. It''s not private or important
data... just sys admin type stuff (ip, mac addy, etc.). I just don''t
want some script kiddie discovering it and trying to ''hack'' it. By doing
so, they''d fill the log up with crap. So, If the data doesn''t contain x,
y, and z and if the data is too big or too small, I record it to a
''tamper'' log and tell the leet hacker to ''go away''.