用于unix的wsgi http服务器
tprox的Python项目详细描述
t氧气
tproxy是一个简单的tcp路由代理(第7层)构建在 Gevent允许您在python中配置例程逻辑。它很重 灵感来自proxy machine 但是有一些独特的特性,比如前叉工人模型 Gunicorn。
安装
tproxy需要python 2.x>;=2.5。计划支持Python3.x。
$ pip install gevent $ pip install tproxy
从源安装:
$ git clone git://github.com/benoitc/tproxy.git $ cd tproxy $ pip install -r requirements.txt $ python setup.py install
通过运行命令行测试安装:
$ tproxy examples/transparent.py
继续http://127.0.0.1:5000,你会看到谷歌主页。
用法
$ tproxy -h Usage: tproxy [OPTIONS] script_path Options: --version show program's version number and exit -h, --help show this help message and exit --log-file=FILE The log file to write to. [-] --log-level=LEVEL The granularity of log outputs. [info] --log-config=FILE The log config file to use. [None] -n STRING, --name=STRING A base to use with setproctitle for process naming. [None] -D, --daemon Daemonize the tproxy process. [False] -p FILE, --pid=FILE A filename to use for the PID file. [None] -u USER, --user=USER Switch worker processes to run as this user. [501] -g GROUP, --group=GROUP Switch worker process to run as this group. [20] -m INT, --umask=INT A bit mask for the file mode on files written by tproxy. [0] -b ADDRESS, --bind=ADDRESS The socket to bind. [127.0.0.1:8000] --backlog=INT The maximum number of pending connections. [2048] --ssl-keyfile=STRING Ssl key file [None] --ssl-certfile=STRING Ssl ca certs file. contains concatenated "certification [None] --ssl-ca-certs=STRING Ssl ca certs file. contains concatenated "certification [None] --ssl-cert-reqs=INT Specifies whether a certificate is required from the other [0] -w INT, --workers=INT The number of worker process for handling requests. [1] --worker-connections=INT The maximum number of simultaneous clients per worker. [1000] -t INT, --timeout=INT Workers silent for more than this many seconds are killed and restarted. [30]
信号
QUIT - Graceful shutdown. Stop accepting connections immediatly and wait until all connections close TERM - Fast shutdown. Stop accepting and close all conections after 10s. INT - Same as TERM HUP - Graceful reloading. Reload all workers with the new code in your routing script. USR2 - Upgrade tproxy on the fly TTIN - Increase the number of worker from 1 TTOU - Decrease the number of worker from 1
路由脚本示例
import re re_host = re.compile("Host:\s*(.*)\r\n") class CouchDBRouter(object): # look at the routing table and return a couchdb node to use def lookup(self, name): """ do something """ router = CouchDBRouter() # Perform content-aware routing based on the stream data. Here, the # Host header information from the HTTP protocol is parsed to find the # username and a lookup routine is run on the name to find the correct # couchdb node. If no match can be made yet, do nothing with the # connection. (make your own couchone server...) def proxy(data): matches = re_host.findall(data) if matches: host = router.lookup(matches.pop()) return {"remote": host} return None
18行中的socks4代理示例
import socket import struct def proxy(data): if len(data) < 9: return command = ord(data[1]) ip, port = socket.inet_ntoa(data[4:8]), struct.unpack(">H", data[2:4])[0] idx = data.index("\0") userid = data[8:idx] if command == 1: #connect return dict(remote="%s:%s" % (ip, port), reply="\0\x5a\0\0\0\0\0\0", data=data[idx:]) else: return {"close": "\0\x5b\0\0\0\0\0\0"}
返回文件的示例
import os WELCOME_FILE = os.path.join(os.path.dirname(__file__), "welcome.txt") def proxy(data): fno = os.open(WELCOME_FILE, os.O_RDONLY) return { "file": fno, "reply": "HTTP/1.1 200 OK\r\n\r\n" }
有效返回值
- {“remote:”:string或tuple}-string是 将被代理的服务器。
- {“remote”:string,“data”:string}-同上,但是 改为发送给定的数据。
- {“remote”:string,“data”:string,“reply”:string}-同上, 但用给定的数据回复客户
- 没有-什么都不做。
- {“close”:true}-关闭连接。
- {“close”:string}-发送后关闭连接 绳子。
- {“file”:string}-返回由文件路径指定的文件并关闭 连接。
- {“file”:string,“reply”:string}-返回由 文件路径并关闭连接。
- {“file”:int,“reply”:string}-同上,但使用给定的 数据返回到客户端
- {“file”:int}-返回指定的文件 其文件描述符
- {“file”:int,“reply”:string}-同上 但用给定的数据回复客户
注:
如果sendfileapi可用 将用于发送带有“file”命令的文件。
文件命令可以有两个选项名称参数:
- offset:参数指定文件中的起始位置。
- nbytes:指定应发送文件的字节数
要处理远程连接的ssl,可以添加以下选项 参数:
- ssl:true或false,如果要连接ssl
- ssl_args:dict,optionals ssl参数。阅读ssl documentation了解更多关于它们的信息。
处理错误
通过在中添加proxy_error函数,可以轻松地处理错误 您的脚本:
def proxy_error(client, e): pass
此函数将clientconnection实例(当前连接)获取为 第一个参数和第二个参数中的错误异常。
重写请求和响应
tproxy的主要目标是允许您透明地将tcp路由到 应用。但有些案子你想做得更多。例如你需要 更改主机头以确保远程http服务器将 知道如果使用虚拟主机该怎么办。
为此,在函数中添加rewrite_请求函数 只需重写clienrt请求和rewrite_response即可重写 远程响应。两个函数都采用一个tproxy.rewrite.rewriteio实例 它基于io.rawiobase类。
有关http重写的示例,请参见httprewrite.py示例。
版权所有
2011年(c)贝诺T切斯诺&lt;benoitc@e-engura.org>;