#include <FXNetworkService.h>
Inheritance diagram for FX::FXNetworkService:
FXNetworkService is designed to operate a front-end network service interface which is capable of scaling excellently with load and providing a few of the more common anti-DDoS measures and of course hooks to add your own custom anti-DDoS measures. It does not directly support anything other than a FX::QBlkSocket as you should always try to avoid using SSL on a public facing port as it greatly increases your susceptibility to server CPU exhaustion (you can of course always subsequently negotiate a SSL connection after you have verified identity - this is what Tn does). Of course, you can hack in a FX::QSSLDevice with a little bit of work if you want to.
Ban masks are supported whereby entire IP classes can be banned, as well as client throttling, per-IP record keeping (based on a LRU cache which will self-adjust according to free memory) and per-IP attempt throttling. FXNetworkService basically takes away most of the pain and drudgery of dealing with potentially hostile external networks and lets you get on with the service implementation.
The acceptExternalClients constructor parameter when false simply adds a ban mask on all non-localhost addresses. Ban masks work through the AND and XOR technique whereby an incoming IP address is ANDed with the mask and then XORed with the XOR, and if the remaining value is zero then the IP is accepted. FX::Maths::Vector<> is used so SIMD will be used on machines supporting it to perform the bit operations.
Definition at line 77 of file FXNetworkService.h.
Public Types | |
typedef Generic::Functor< Generic::TL::create< Action, FXNetworkService *, QBlkSocket * >::value > | NewClientSpec |
ACCEPTED | |
REFUSE | |
BAN | |
DELETERECORD | |
enum | Action { ACCEPTED, REFUSE, BAN, DELETERECORD } |
typedef Generic::Functor< Generic::TL::create< void, QThread * >::value > | CreationUpcallSpec |
Auto | |
InProcess | |
InKernel | |
enum | ThreadScheduler { Auto, InProcess, InKernel } |
Public Member Functions | |
FXNetworkService (QBlkSocket *serversocket, NewClientSpec newclientv, QThreadPool *dispatch=0, FXuint lrucachesize=1000, FXuint maxclients=0, bool acceptExternalClients=true, const char *threadname="Network Service Monitor Thread") | |
~FXNetworkService () | |
QBlkSocket * | serverSocket () const throw () |
void | setServerSocket (QBlkSocket *s) |
QThreadPool * | dispatchPool () const throw () |
void | setDispatchPool (QThreadPool *pool) |
FXuint | maxClients () const throw () |
void | setMaxClients (FXuint no=0) |
FXuint | maxClientsPerIP () const throw () |
void | setMaxClientsPerIP (FXuint no=8) |
float | maxClientAttemptsPerMinute () const throw () |
void | setMaxClientAttemptsPerMinute (float max=1.0) |
FXTime | banPeriod () const |
void | setBanPeriod (const FXTime &period=FXTime(FXTime::micsPerHour)) |
QMemArray< IPMask > | bannedIPMasks () const |
void | setBannedIPMasks (const QMemArray< IPMask > &list) |
QHostAddressDict< FXNetworkServiceClient > | IPClientRecords () const |
FXNetworkServiceClient | IPClientRecord (const QHostAddress &a) const |
const char * | name () const throw () |
FXuval | stackSize () const |
void | setStackSize (FXuval newsize) |
ThreadScheduler | threadLocation () const |
void | setThreadLocation (ThreadScheduler threadloc) |
bool | wait (FXuint time=FXINFINITE) |
void | start (bool waitTillStarted=false) |
bool | finished () const throw () |
bool | running () const throw () |
bool | inCleanup () const throw () |
bool | isValid () const throw () |
bool | setAutoDelete (bool doso) throw () |
void | requestTermination () |
FXulong | myId () const |
QThread * | creator () const |
signed char | priority () const |
void | setPriority (signed char pri) |
FXulong | processorAffinity () const |
void | setProcessorAffinity (FXulong mask=(FXulong)-1, bool recursive=false) |
virtual void | selfDestruct () |
void * | result () const throw () |
void | disableTermination () |
bool | checkForTerminate () |
void | enableTermination () |
Generic::BoundFunctorV * | addCleanupCall (FXAutoPtr< Generic::BoundFunctorV > handler, bool inThread=false) |
bool | removeCleanupCall (Generic::BoundFunctorV *handler) |
Static Public Member Functions | |
static FXulong | id () throw () |
static QThread * | current () |
static QThread * | primaryThread () throw () |
static void | sleep (FXuint secs) |
static void | msleep (FXuint millisecs) |
static void | yield () |
static void | exit (void *retcode) |
static void | addCreationUpcall (CreationUpcallSpec upcallv, bool inThread=false) |
static bool | removeCreationUpcall (CreationUpcallSpec upcallv) |
static FXDLLLOCAL void * | int_cancelWaiterHandle () |
Protected Member Functions | |
FXLRUCache< QHostAddressDict< FXNetworkServiceClient > > & | rawIPClientRecords () |
virtual QThreadPool::handle | newClientUpcall (FXNetworkService *service, QBlkSocket *skt, FXNetworkServiceClient &record, Action &action, NewClientSpec &newclientv) |
virtual void | run () |
virtual void * | cleanup () |
QMUTEX_INLINEP bool | isLocked () const |
QMUTEX_INLINEP FXbool | locked () const |
QMUTEX_INLINEP FXuint | spinCount () const |
QMUTEX_INLINEP void | setSpinCount (FXuint c) |
QMUTEX_INLINEP void | lock () |
QMUTEX_INLINEP void | unlock () |
QMUTEX_INLINEP bool | tryLock () |
QMUTEX_INLINEP FXbool | trylock () |
Static Protected Member Functions | |
static QMUTEX_INLINEP bool | setMutexDebugYield (bool v) |
Classes | |
struct | IPMask |
Banned IP mask. More... |