Hello,
Firstly, my kind thanks to Mr Raymond Toy for his patience while I was trying to learn CMUCL.
Now it is time to do something concrete, i.e. to build a CMUCL-chain.
Some elements are already completed (very simple version).
The goal is to create a commercial CMUCL-chain, not easy, but worth trying.
I would need some help with CREATE-INET-LISTENER.
CREATE-INET-LISTENER is the ports opener, a critical moment from the cyber-security standpoint.
Explanation of the DEFUN below, the proposals inside, and the questions at the very end.
The names like "af-inet-mod-1" and "create-inet-listener-mod-1" are in fact COPIES from sources.
I have only added the :ALIEN, :C-CALL, :UNIX descriptions, to know what is coming from where.
create-inet-listener-mod-1 = CREATE-INET-LISTENER, in sources.
(DEFUN create-inet-listener-mod-1
    (port &OPTIONAL (kind :STREAM) &KEY (host 0) reuse-address (backlog 5))
  ;; Resolve HOST to an address: a string is looked up, an integer is used as is.
  (LET ((socket (CREATE-INET-SOCKET kind))
        (addr (IF (STRINGP host)
                  (HOST-ENTRY-ADDR
                   (OR (LOOKUP-HOST-ENTRY host)
                       (ERROR 'socket-error-mod-1
                              :FORMAT-CONTROL (INTL:GETTEXT "Unknown host: ~S.")
                              :FORMAT-ARGUMENTS (LIST host)
                              :ERRNO (UNIX:UNIX-ERRNO))))
                  host)))
    ;; Optionally allow re-binding a port whose previous socket is still in TIME_WAIT.
    (WHEN reuse-address
      (MULTIPLE-VALUE-BIND (optval errno)
          (set-socket-option-mod-1 socket sol-socket-mod-1 so-reuseaddr-mod-1 1)
        (OR optval
            (ERROR 'socket-error-mod-1
                   :FORMAT-CONTROL (INTL:GETTEXT "Error ~S setting socket option on socket ~D.")
                   :FORMAT-ARGUMENTS (LIST (UNIX:GET-UNIX-ERROR-MSG errno) socket)
                   :ERRNO errno))))
    ;; Fill in a sockaddr_in and bind; on failure close the fd before signalling.
    (ALIEN:WITH-ALIEN ((sockaddr inet-sockaddr))
      (SETF (ALIEN:SLOT sockaddr 'family) af-inet-mod-1)
      (SETF (ALIEN:SLOT sockaddr 'port) (HTONS port))
      (SETF (ALIEN:SLOT sockaddr 'addr) (HTONL addr))
      (WHEN (MINUSP (UNIX:UNIX-BIND socket
                                    (ALIEN:ALIEN-SAP sockaddr)
                                    (ALIEN:ALIEN-SIZE inet-sockaddr :BYTES)))
        (LET ((errno (UNIX:UNIX-ERRNO)))
          (UNIX:UNIX-CLOSE socket)
          (ERROR 'socket-error-mod-1
                 :FORMAT-CONTROL (INTL:GETTEXT "Error binding socket to port ~A: ~A")
                 :FORMAT-ARGUMENTS (LIST port (UNIX:GET-UNIX-ERROR-MSG))
                 :ERRNO errno))))
    #|
    ADRIAN PASIEKA's proposals to the :STREAM below.
    Adding some analytics to the :STREAM below, to see all incoming traffic from an OPEN-NETWORK-STREAM like:
    - the incoming IP number from OPEN-NETWORK-STREAM from an external machine,
    - the time of connection
    Each new connection would be added to a LIST, and sent to the file.
    This would create a history of all connections to CREATE-INET-LISTENER.
    Additionally, each CREATE-INET-LISTENER port could have a list of allowed external IPs.
    Otherwise anybody can access it with OPEN-NETWORK-STREAM, from any external CMUCL, not good.
    There will be many thousands of computers in the CMUCL-chain networks.
    We don't need spammers/hackers scanning all CMUCL-chain ports all the time.
    |#
    ;; For :STREAM sockets, start listening; same close-then-signal pattern as above.
    (WHEN (EQ kind :STREAM)
      (WHEN (MINUSP (UNIX:UNIX-LISTEN socket backlog))
        (LET ((errno (UNIX:UNIX-ERRNO)))
          (UNIX:UNIX-CLOSE socket)
          (ERROR 'socket-error-mod-1
                 :FORMAT-CONTROL (INTL:GETTEXT "Error listening to socket: ~A")
                 :FORMAT-ARGUMENTS (LIST (UNIX:GET-UNIX-ERROR-MSG))
                 :ERRNO errno))))
    socket))
;;-----------------------------------------
QUESTION:
Is there any existing solution to the proposals above?
Or, is there any specialist who could advise as much as possible?
Thank You.
--
Kind Regards,
Adrian W. Pasieka Ikane
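An added example of the two proposals in the comment block (my own code, not CMUCL's and not from the post): a per-listener allow-list checked when a connection is accepted, and a one-line-per-connection log with the peer address and time. It assumes CMUCL's ext:accept-tcp-connection returns the connected fd and the peer address as a host-order integer, and uses unix:unix-close as in the listener above; the "a.b.c.d" / "a.b.c.d/n" allow-list notation and the log format are my own choices.

```lisp
;;; Added example, not CMUCL's code: accept-time allow-list plus a
;;; connection log for a socket returned by create-inet-listener.
;;; Assumed CMUCL API: ext:accept-tcp-connection returns the connected fd
;;; and the peer address as a host-order integer. Allow-list format is mine.

(defun parse-ipv4 (string)
  "Turn \"a.b.c.d\" into a 32-bit host-order integer."
  (let ((octets (loop with start = 0
                      for end = (position #\. string :start start)
                      collect (parse-integer string :start start :end end)
                      while end
                      do (setf start (1+ end)))))
    (assert (= (length octets) 4) () "Bad IPv4 literal: ~S" string)
    (reduce (lambda (acc octet) (+ (ash acc 8) octet)) octets
            :initial-value 0)))

(defun parse-allow-entry (entry)
  "\"10.0.0.0/8\" or \"192.168.1.7\" -> (values network mask) as integers."
  (let* ((slash (position #\/ entry))
         (bits  (if slash (parse-integer entry :start (1+ slash)) 32))
         (mask  (logand #xFFFFFFFF (ash #xFFFFFFFF (- 32 bits)))))
    (values (logand (parse-ipv4 (subseq entry 0 slash)) mask) mask)))

(defun peer-allowed-p (peer-addr allow-list)
  "True when PEER-ADDR matches any entry. An empty list admits nobody,
which is the safe default for a port that should not be public."
  (some (lambda (entry)
          (multiple-value-bind (net mask) (parse-allow-entry entry)
            (= (logand peer-addr mask) net)))
        allow-list))

(defun log-connection (log-path peer-addr accepted-p)
  "Append one line per connection: universal time, peer address, decision."
  (with-open-file (out log-path :direction :output :if-exists :append
                                :if-does-not-exist :create)
    (format out "~D ~D.~D.~D.~D ~:[REJECTED~;ACCEPTED~]~%"
            (get-universal-time)
            (ldb (byte 8 24) peer-addr) (ldb (byte 8 16) peer-addr)
            (ldb (byte 8 8) peer-addr) (ldb (byte 8 0) peer-addr)
            accepted-p)))

(defun accept-filtered-connection (listener allow-list log-path)
  "Accept on LISTENER. Returns the connected fd, or NIL after closing a
connection whose source address is not on ALLOW-LIST."
  (multiple-value-bind (fd peer-addr) (ext:accept-tcp-connection listener)
    (let ((ok (peer-allowed-p peer-addr allow-list)))
      (log-connection log-path peer-addr ok)
      (cond (ok fd)
            (t (unix:unix-close fd) nil)))))
```

A source-address allow-list only limits which addresses reach the port; since it identifies the peer by address alone, it complements rather than replaces authenticating the peer once the stream is open.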