用于unix的wsgi http服务器
tprox的Python项目详细描述
t氧气
tproxy是一个简单的tcp路由代理(第7层)构建在 Gevent允许您在python中配置例程逻辑。它很重 灵感来自proxy machine 但是有一些独特的特性,比如前叉工人模型 Gunicorn。
安装
tproxy需要python 2.x>;=2.5。计划支持Python3.x。
$ pip install gevent $ pip install tproxy
从源安装:
$ git clone git://github.com/benoitc/tproxy.git $ cd tproxy $ pip install -r requirements.txt $ python setup.py install
通过运行命令行测试安装:
$ tproxy examples/transparent.py
继续http://127.0.0.1:5000,你会看到谷歌主页。
用法
$ tproxy -h
Usage: tproxy [OPTIONS] script_path
Options:
--version show program's version number and exit
-h, --help show this help message and exit
--log-file=FILE The log file to write to. [-]
--log-level=LEVEL The granularity of log outputs. [info]
--log-config=FILE The log config file to use. [None]
-n STRING, --name=STRING A base to use with setproctitle for process naming.
[None]
-D, --daemon Daemonize the tproxy process. [False]
-p FILE, --pid=FILE A filename to use for the PID file. [None]
-u USER, --user=USER Switch worker processes to run as this user. [501]
-g GROUP, --group=GROUP
Switch worker process to run as this group. [20]
-m INT, --umask=INT A bit mask for the file mode on files written by
tproxy. [0]
-b ADDRESS, --bind=ADDRESS The socket to bind. [127.0.0.1:8000]
--backlog=INT The maximum number of pending connections. [2048]
--ssl-keyfile=STRING Ssl key file [None]
--ssl-certfile=STRING Ssl ca certs file. contains concatenated
"certification [None]
--ssl-ca-certs=STRING Ssl ca certs file. contains concatenated
"certification [None]
--ssl-cert-reqs=INT Specifies whether a certificate is required from the
other [0]
-w INT, --workers=INT The number of worker process for handling requests. [1]
--worker-connections=INT The maximum number of simultaneous clients per worker.
[1000]
-t INT, --timeout=INT Workers silent for more than this many seconds are
killed and restarted. [30]
信号
QUIT - Graceful shutdown. Stop accepting connections immediatly
and wait until all connections close
TERM - Fast shutdown. Stop accepting and close all conections
after 10s.
INT - Same as TERM
HUP - Graceful reloading. Reload all workers with the new code
in your routing script.
USR2 - Upgrade tproxy on the fly
TTIN - Increase the number of worker from 1
TTOU - Decrease the number of worker from 1
路由脚本示例
import re
re_host = re.compile("Host:\s*(.*)\r\n")
class CouchDBRouter(object):
# look at the routing table and return a couchdb node to use
def lookup(self, name):
""" do something """
router = CouchDBRouter()
# Perform content-aware routing based on the stream data. Here, the
# Host header information from the HTTP protocol is parsed to find the
# username and a lookup routine is run on the name to find the correct
# couchdb node. If no match can be made yet, do nothing with the
# connection. (make your own couchone server...)
def proxy(data):
matches = re_host.findall(data)
if matches:
host = router.lookup(matches.pop())
return {"remote": host}
return None
18行中的socks4代理示例
import socket
import struct
def proxy(data):
if len(data) < 9:
return
command = ord(data[1])
ip, port = socket.inet_ntoa(data[4:8]), struct.unpack(">H", data[2:4])[0]
idx = data.index("\0")
userid = data[8:idx]
if command == 1: #connect
return dict(remote="%s:%s" % (ip, port),
reply="\0\x5a\0\0\0\0\0\0",
data=data[idx:])
else:
return {"close": "\0\x5b\0\0\0\0\0\0"}
返回文件的示例
import os
WELCOME_FILE = os.path.join(os.path.dirname(__file__), "welcome.txt")
def proxy(data):
fno = os.open(WELCOME_FILE, os.O_RDONLY)
return {
"file": fno,
"reply": "HTTP/1.1 200 OK\r\n\r\n"
}
有效返回值
- {“remote:”:string或tuple}-string是 将被代理的服务器。
- {“remote”:string,“data”:string}-同上,但是 改为发送给定的数据。
- {“remote”:string,“data”:string,“reply”:string}-同上, 但用给定的数据回复客户
- 没有-什么都不做。
- {“close”:true}-关闭连接。
- {“close”:string}-发送后关闭连接 绳子。
- {“file”:string}-返回由文件路径指定的文件并关闭 连接。
- {“file”:string,“reply”:string}-返回由 文件路径并关闭连接。
- {“file”:int,“reply”:string}-同上,但使用给定的 数据返回到客户端
- {“file”:int}-返回指定的文件 其文件描述符
- {“file”:int,“reply”:string}-同上 但用给定的数据回复客户
注:
如果sendfileapi可用 将用于发送带有“file”命令的文件。
文件命令可以有两个选项名称参数:
- offset:参数指定文件中的起始位置。
- nbytes:指定应发送文件的字节数
要处理远程连接的ssl,可以添加以下选项 参数:
- ssl:true或false,如果要连接ssl
- ssl_args:dict,optionals ssl参数。阅读ssl documentation了解更多关于它们的信息。
处理错误
通过在中添加proxy_error函数,可以轻松地处理错误 您的脚本:
def proxy_error(client, e):
pass
此函数将clientconnection实例(当前连接)获取为 第一个参数和第二个参数中的错误异常。
重写请求和响应
tproxy的主要目标是允许您透明地将tcp路由到 应用。但有些案子你想做得更多。例如你需要 更改主机头以确保远程http服务器将 知道如果使用虚拟主机该怎么办。
为此,在函数中添加rewrite_请求函数 只需重写clienrt请求和rewrite_response即可重写 远程响应。两个函数都采用一个tproxy.rewrite.rewriteio实例 它基于io.rawiobase类。
有关http重写的示例,请参见httprewrite.py示例。
版权所有
2011年(c)贝诺T切斯诺&lt;benoitc@e-engura.org>;
欢迎加入QQ群-->: 979659372
