[Libwebsockets] Max connections

Srikar Vadlamani SrikarVadlamani at trafficware.com
Thu Oct 13 23:22:02 CEST 2016


Andy,

I am using lws for its http functionality. Only have 1 protocol defined.
I want to only allow n connections due to limited memory.

I do not want to close the connection, but keep it in pending/wait state, as a browser when loading a webpage with css and other js will request multiple connections at once,
If I close the connection webpage will fail to load properly.

I am currently using lws_http_mount to serve static pages. 

I respond to any POST requests in the http_callback.

After every LWS_CALLBACK_HTTP_FILE_COMPLETION event, I can return (-1) to close the connection. The logs show that connection is closed, but netstat shows me it is in TIMED_WAIT state.
What is the best way to know number of open/pending http connections? Instead of closing the connection is there a way to put that connection is wait state, if it exceeds a certain number.
Can I expect LWS_CALLBACK_CLOSED_HTTP every time a socket is closed?

Srikar




-----Original Message-----
From: Andy Green [mailto:andy at warmcat.com] 
Sent: Tuesday, October 11, 2016 9:01 AM
To: Srikar Vadlamani <SrikarVadlamani at trafficware.com>; libwebsockets at ml.libwebsockets.org
Subject: Re: [Libwebsockets] Max connections



On October 11, 2016 9:47:20 PM GMT+08:00, Srikar Vadlamani <SrikarVadlamani at trafficware.com> wrote:
>Hello,
>
>Is there a way to limit max number of connections?

You can just refuse connections as soon as they are accepted at the network level, if you don't want them to proceed as http[s]/ws[s] logical connections, for whatever reason.

https://github.com/warmcat/libwebsockets/blob/master/lib/libwebsockets.h#L770

LWS_CALLBACK_FILTER_NETWORK_CONNECTION			= 17,
	/**< called when a client connects to
	 * the server at network level; the connection is accepted but then
	 * passed to this callback to decide whether to hang up immediately
	 * or not, based on the client IP.  in contains the connection
	 * socket's descriptor. Since the client connection information is
	 * not available yet, wsi still pointing to the main server socket.
	 * Return non-zero to terminate the connection before sending or
	 * receiving anything. Because this happens immediately after the
	 * network connection from the client, there's no websocket protocol
	 * selected yet so this callback is issued only to protocol 0. */

Notice though an attacker can lock you out if his connections can be accepted first, and you refuse all after the first n connections.  You might want to make, eg, connections from 127.0.0.1 always accepted.

-Andy

>srikar
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Libwebsockets mailing list
>Libwebsockets at ml.libwebsockets.org
>http://libwebsockets.org/mailman/listinfo/libwebsockets



More information about the Libwebsockets mailing list