如何通过 localhost 使用多播限制流量
问题描述
I'm using multicast UDP over localhost to implement a loose collection of cooperative programs running on a single machine. The following code works well on Mac OSX, Windows and linux. The flaw is that the code will receive UDP packets outside of the localhost network as well. For example, sendSock.sendto(pkt, ('192.168.0.25', 1600))
is received by my test machine when sent from another box on my network.
import platform, time, socket, select
addr = ("239.255.2.9", 1600)
sendSock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
sendSock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 24)
sendSock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF,
socket.inet_aton("127.0.0.1"))
recvSock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
recvSock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, True)
if hasattr(socket, 'SO_REUSEPORT'):
recvSock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, True)
recvSock.bind(("0.0.0.0", addr[1]))
status = recvSock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP,
socket.inet_aton(addr[0]) + socket.inet_aton("127.0.0.1"));
while 1:
pkt = "Hello host: {1} time: {0}".format(time.ctime(), platform.node())
print "SEND to: {0} data: {1}".format(addr, pkt)
r = sendSock.sendto(pkt, addr)
while select.select([recvSock], [], [], 0)[0]:
data, fromAddr = recvSock.recvfrom(1024)
print "RECV from: {0} data: {1}".format(fromAddr, data)
time.sleep(2)
I've attempted to recvSock.bind(("127.0.0.1", addr[1]))
, but that prevents the socket from receiving any multicast traffic. Is there a proper way to configure recvSock to only accept multicast packets from the 127/24 network, or do I need to test the address of each received packet?
Unfortunately, multicast IP doesn't have any such "filtering by subnetwork" feature -- so, unless you want to muck with IPTables (on Linux) or equivalent "firewall" SW/HW of your system/network to try and "drop on the floor" every multicast packet you don't like, I think you'll have to do it at application level (with a test on fromAddr
in your inner loop, for example). Is the IP traffic from other hosts so much it degrades your performance...?
相关文章