Icecast Streaming Media Server Forum Index Icecast Streaming Media Server
Icecast is a Xiph Foundation Project
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Smart listener count limiting based on GeoIP

 
Post new topic   Reply to topic    Icecast Streaming Media Server Forum Index -> Dev Branches
View previous topic :: View next topic  
Author Message
als



Joined: 14 Oct 2008
Posts: 18

PostPosted: Sun Mar 14, 2010 1:47 pm    Post subject: Smart listener count limiting based on GeoIP Reply with quote

Hi! I want to restrict access to my server primarily to clients within my country, still allowing several clients from abroad.
So I establish authentication type="command", pointing to local script to check IP of the client...
The easiest way seems to forward restricted users via "mountpoint: /different_country.ogg" to another mountpoint with limited connection count. Also it is easy to duplicate basic stream (not to make source additional encode) by relaying it from localhost. BUT <relay> section seems to ignore <max-listeners> value. Is it possible to limit <relay> mountpoint listeners count via config file?

The second question is: if I want to deny access for the client, can I pass him some human-understandable response like "sorry, you live in a wrong country"? Because now if i deny access (issue echo "icecast-auth-user: 0"), client just pops up window asking for username/password?

Thanks in advance!
Alexander
Back to top
View user's profile Send private message
karlH
Code Warrior
Code Warrior


Joined: 13 Jun 2005
Posts: 5476
Location: UK

PostPosted: Sun Mar 14, 2010 2:40 pm    Post subject: Reply with quote

max listeners is a mount setting, you just need to define a mount for whatever the relay local-mount is.

Adding a 403 response handler should be possible, I'll have to check into that.

karl.
Back to top
View user's profile Send private message Send e-mail Visit poster's website
als



Joined: 14 Oct 2008
Posts: 18

PostPosted: Mon Mar 15, 2010 10:01 am    Post subject: Reply with quote

karlH wrote:
max listeners is a mount setting, you just need to define a mount for whatever the relay local-mount is.

Got it. So i make 2 separate sections for 1 mountpoint:
<mount> with limits & description, and
<relay> with source.
Thanks.

Quote:
Adding a 403 response handler should be possible, I'll have to check into that.


As an idea - maybe if user authentication program doesn't return predefined "allow" header - use it's output as a response for client (as if it was a cgi program). So it will be more flexible for customising.

Anyway, thanks a lot!
Alexander
Back to top
View user's profile Send private message
karlH
Code Warrior
Code Warrior


Joined: 13 Jun 2005
Posts: 5476
Location: UK

PostPosted: Mon Mar 15, 2010 10:31 am    Post subject: Reply with quote

I don't see a need to be that flexible, just needless complication for this type of server, you can still use the mountpoint header and maybe add in the location header for http 302 redirection. A message for a 403 response is certainly something we could add.

karl.
Back to top
View user's profile Send private message Send e-mail Visit poster's website
robertut



Joined: 31 Aug 2007
Posts: 156

PostPosted: Fri Mar 19, 2010 1:36 pm    Post subject: Reply with quote

Yes, I would also definitely interested into that!

Because I'd set up different Icecast servers in different countries, and apply on each a similar geo-detection feature as described above, but with auto-redirection to the other server.

For example: have an Icecast server in Europe, one in the USA, both relaying the same content from a master server. If a listener client from USA tries to connect to the European server, it should be automatically, and transparently redirected to the USA server, and vice-versa. I don't want the user to be explicitly informed about this, it's enough if he/she just sees the different IP address.

Could also be useful for load balancing...
Back to top
View user's profile Send private message
karlH
Code Warrior
Code Warrior


Joined: 13 Jun 2005
Posts: 5476
Location: UK

PostPosted: Fri Mar 19, 2010 2:58 pm    Post subject: Reply with quote

You can already do that with the url auth just not the command auth. Just have the listener_add script send back a 200 OK response but include the Location: header. Something similar can be done for command auth.

karl.
Back to top
View user's profile Send private message Send e-mail Visit poster's website
robertut



Joined: 31 Aug 2007
Posts: 156

PostPosted: Sat Mar 20, 2010 9:29 pm    Post subject: Reply with quote

how to do that on win32?
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Icecast Streaming Media Server Forum Index -> Dev Branches All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2002 phpBB Group
subRebel style by ktauber