问题
I'm working on a project where we want to assign a whitelist packet filters for incoming traffic on a firewall and we are using python script with requests library to make some https requests to some servers outside of that network. For now the script is using ephemeral ports to connect to the servers, but we would like to make these https requests through specific ports. This would allow us to create strict whitelist for these ports.
How can I specify the port to the requests library through which the request should be sent? Script is currently using the following type of code to send the necessary requests.
response = requests.post(data[0], data=query, headers=headers, timeout=10)
This works, but I would now need to specify the port through which the http post request should be sent to allow for more strict packet filtering on the network. How could this port declaration be achieved? I have searched for solution to this from several sources already and came up with absolutely nothing.
回答1:
requests
is built on urllib3, which offers the ability to set a source address for connections; when you set the source address to ('', port_number)
you tell it to use the default host name but pick a specific port.
You can set these options on the pool manager, and you tell requests
to use a different pool manager by creating a new transport adapter:
from requests.adapters import HTTPAdapter
from requests.packages.urllib3.poolmanager import PoolManager
class SourcePortAdapter(HTTPAdapter):
""""Transport adapter" that allows us to set the source port."""
def __init__(self, port, *args, **kwargs):
self._source_port = port
super(SourcePortAdapter, self).__init__(*args, **kwargs)
def init_poolmanager(self, connections, maxsize, block=False):
self.poolmanager = PoolManager(
num_pools=connections, maxsize=maxsize,
block=block, source_address=('', self._source_port))
Use this adapter in a session object, the following mounts the adapter for all HTTP and HTTPS connections, using 54321
as the source port:
s = requests.Session()
s.mount('http://', SourcePortAdapter(54321))
s.mount('https://', SourcePortAdapter(54321))
You can only set the one source port, limiting you to one active connection at a time. If you need to rotate between ports, register multiple adapters (one per URL) or re-register the catch-all mounts each time.
See the create_connection() utility function documentation for the details on the source_address
option:
If
source_address
is set it must be a tuple of(host, port)
for the socket to bind as a source address before making the connection. An host of''
or port0
tells the OS to use the default.
来源:https://stackoverflow.com/questions/47202790/python-requests-how-to-specify-port-for-outgoing-traffic