Implement ZMQ_TCP_ACCEPT_FILTER setsockopt() for listening TCP sockets.

Assign arbitrary number of filters that will be applied for each new TCP transport connection on a listening socket. If no filters applied, then TCP transport allows connections from any ip. If at least one filter is applied then new connection source ip should be matched. To clear all filters call zmq_setsockopt(socket, ZMQ_TCP_ACCEPT_FILTER, NULL, 0). Filter is a null-terminated string with ipv6 or ipv4 CIDR. For example: localhost 127.0.0.1 mail.ru/24 ::1 ::1/128 3ffe:1:: 3ffe:1::/56 Returns -1 if the filter couldn't be assigned(format error or ipv6 filter with ZMQ_IPV4ONLY set) P.S. The only thing that worries me is that I had to re-enable 'default assign by reference constructor/operator' for 'tcp_address_t' (and for my inherited class tcp_address_mask_t) to store it in std::vector in 'options_t'...
2025-10-28 19:52:00 +01:00 · 2012-04-12 18:37:14 +04:00
parent e276df2bdf
commit acba6bdd6c
8 changed files with 202 additions and 8 deletions
--- a/src/tcp_listener.hpp
+++ b/src/tcp_listener.hpp
@@ -62,7 +62,8 @@ namespace zmq

        //  Accept the new connection. Returns the file descriptor of the
        //  newly created connection. The function may return retired_fd
-        //  if the connection was dropped while waiting in the listen backlog.
+        //  if the connection was dropped while waiting in the listen backlog
+        //  or was denied because of accept filters.
        fd_t accept ();

        //  Address to listen on.