From adrian.pasieka at ai.pressiton.com Tue Aug 3 21:54:46 2021
From: adrian.pasieka at ai.pressiton.com (Adrian W. Pasieka Ikane)
Date: Tue, 03 Aug 2021 23:54:46 +0200
Subject: CMUCL-chain taking off
Message-ID: <82a6lytcrd.fsf@ai.pressiton.com>

Hello,

Firstly, kindly thank You to Mr Raymond Toy for his patience
when I tried to learn CMUCL.

Now is time to do something concrete, i.e. to build a CMUCL-chain.
Some elements are already completed (very simple version).
The goal is to create a commercial CMUCL-chain, not easy, but worth trying.

I would need some help with CREATE-INET-LISTENER.
CREATE-INET-LISTENER is the ports opener, a critical moment
from the cyber-security standpoint.

Explanation of the DEFUN below, the proposals inside, and the questions
at the very end.

The names like "af-inet-mod-1" and "create-inet-listener-mod-1" are in fact
COPIES from sources. I have only added :ALIEN, :C-CALL :UNIX descriptions,
to know what is coming from where.

create-inet-listener-mod-1 = CREATE-INET-LISTENER, in sources.

(DEFUN create-inet-listener-mod-1 (port &OPTIONAL (kind :STREAM)
                                        &KEY (host 0)
                                             reuse-address
                                             (backlog 5))
  (LET ((socket (CREATE-INET-SOCKET kind))
        (addr (IF (STRINGP host)
                  (HOST-ENTRY-ADDR
                   (OR (LOOKUP-HOST-ENTRY host)
                       (ERROR 'socket-error-mod-1
                              :FORMAT-CONTROL (INTL:GETTEXT "Unknown host: ~S.")
                              :FORMAT-ARGUMENTS (LIST host)
                              :ERRNO (UNIX:UNIX-ERRNO))))
                  host)))
    (WHEN reuse-address
      (MULTIPLE-VALUE-BIND (optval errno)
          (set-socket-option-mod-1 socket sol-socket-mod-1 so-reuseaddr-mod-1 1)
        (OR optval
            (ERROR 'socket-error-mod-1
                   :FORMAT-CONTROL (INTL:GETTEXT "Error ~S setting socket option on socket ~D.")
                   :FORMAT-ARGUMENTS (LIST (UNIX:GET-UNIX-ERROR-MSG errno) socket)
                   :ERRNO errno))))
    (ALIEN:WITH-ALIEN ((sockaddr inet-sockaddr))
      (SETF (ALIEN:SLOT sockaddr 'family) af-inet-mod-1)
      (SETF (ALIEN:SLOT sockaddr 'port) (HTONS port))
      (SETF (ALIEN:SLOT sockaddr 'addr) (HTONL addr))
      (WHEN (MINUSP (UNIX:UNIX-BIND socket
                                    (ALIEN:ALIEN-SAP sockaddr)
                                    (ALIEN:ALIEN-SIZE inet-sockaddr :BYTES)))
        (LET ((errno (UNIX:UNIX-ERRNO)))
          (UNIX:UNIX-CLOSE socket)
          ;; Pass the saved errno: UNIX-CLOSE may have overwritten the current one.
          (ERROR 'socket-error-mod-1
                 :FORMAT-CONTROL (INTL:GETTEXT "Error binding socket to port ~A: ~A")
                 :FORMAT-ARGUMENTS (LIST port (UNIX:GET-UNIX-ERROR-MSG errno))
                 :ERRNO errno))))

    #|
    ADRIAN PASIEKA's proposals to the :STREAM below.

    Adding some analytics to the :STREAM below, to see all incoming traffic
    from an OPEN-NETWORK-STREAM like:
    - the IP incoming number from OPEN-NETWORK-STREAM from an external machine,
    - time of connection

    Each new connection would be added to a LIST, and sent to the file.
    This would create a history of all connections to CREATE-INET-LISTENER.

    Additionally, each CREATE-INET-LISTENER port could have a list of allowed
    external IP-s. Otherwise anybody can access it with OPEN-NETWORK-STREAM,
    from any external CMUCL, not good.

    There will be many thousands of computers in the CMUCL-chain networks.
    We don't need spammers/hackers scanning all CMUCL-chain ports all the time.
    |#

    (WHEN (EQ kind :STREAM)
      (WHEN (MINUSP (UNIX:UNIX-LISTEN socket backlog))
        (LET ((errno (UNIX:UNIX-ERRNO)))
          (UNIX:UNIX-CLOSE socket)
          ;; Same as above: report the errno saved before the close.
          (ERROR 'socket-error-mod-1
                 :FORMAT-CONTROL (INTL:GETTEXT "Error listening to socket: ~A")
                 :FORMAT-ARGUMENTS (LIST (UNIX:GET-UNIX-ERROR-MSG errno))
                 :ERRNO errno))))
    socket))

;;-----------------------------------------

QUESTION:
Is there any existing solution to the proposals above?
Or, is there any specialist who could advise as much as possible?

Thank You.

--
Kind Regards,
Adrian W. Pasieka Ikane
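
Added example, not part of the original message or of the CMUCL sources: one way to implement the two proposals in the message (a connection history and a per-port list of allowed IPs) at accept time. It assumes IPv4 and the CMUCL call EXT:ACCEPT-TCP-CONNECTION, which returns the new descriptor and the peer address; every name ending in -EXAMPLE and the log file argument are hypothetical.

```lisp
;;; Added example. Names ending in -EXAMPLE are hypothetical, not CMUCL's.

(defun ip-string-example (addr)
  "Dotted-quad text for a 32-bit IPv4 address in host byte order."
  (format nil "~D.~D.~D.~D"
          (ldb (byte 8 24) addr) (ldb (byte 8 16) addr)
          (ldb (byte 8 8) addr) (ldb (byte 8 0) addr)))

(defun ip-allowed-p-example (addr allowlist)
  "ALLOWLIST is a list of (network . prefix-length) pairs,
e.g. (#xC0A80100 . 24) for 192.168.1.0/24.
An empty list allows nobody (default deny)."
  (some (lambda (entry)
          (destructuring-bind (network . bits) entry
            ;; Build the 32-bit netmask for this prefix length.
            (let ((mask (ldb (byte 32 0) (ash -1 (- 32 bits)))))
              (= (logand addr mask) (logand network mask)))))
        allowlist))

(defun log-connection-example (addr port verdict log-file)
  "Append one line per attempt: universal time, peer IP, port, verdict."
  (with-open-file (out log-file :direction :output
                                :if-exists :append
                                :if-does-not-exist :create)
    (format out "~D ~A ~D ~A~%"
            (get-universal-time) (ip-string-example addr) port verdict)))

#+cmu
(defun accept-filtered-example (listener port allowlist log-file)
  "Accept one connection on LISTENER (an fd from CREATE-INET-LISTENER).
Every attempt is logged. Returns the connected fd, or NIL after closing
a peer whose address is not on ALLOWLIST."
  (multiple-value-bind (fd peer) (ext:accept-tcp-connection listener)
    (cond ((ip-allowed-p-example peer allowlist)
           (log-connection-example peer port :accepted log-file)
           fd)
          (t
           (log-connection-example peer port :rejected log-file)
           (unix:unix-close fd)   ; drop the peer before any data is read
           nil))))
```

This check runs after the TCP handshake has completed, so the port still answers a scan; keeping it invisible to unlisted addresses needs a host firewall rule in front of the listener. A source IP is also a weak identity, so the allowlist reduces noise but does not replace authenticating the peer.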