From bd5f287e6d5016e76f42c86fed0ba4333fe2d2da Mon Sep 17 00:00:00 2001 From: freethenation Date: Wed, 1 Mar 2023 13:28:36 -0500 Subject: [PATCH 1/3] ephemeral port range control --- main.py | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/main.py b/main.py index 836c094..34382d9 100644 --- a/main.py +++ b/main.py @@ -6,7 +6,9 @@ from fastapi.encoders import jsonable_encoder from fastapi.responses import JSONResponse, FileResponse from fastapi.staticfiles import StaticFiles -from typing import List, Optional +from typing import List, Optional, Tuple +import types +import random import datetime import numpy as np from PIL import Image @@ -51,6 +53,34 @@ async def new_handle_rtcp_packet(self, packet): RTCRtpReceiver._handle_rtcp_packet = new_handle_rtcp_packet #logging.basicConfig(level=logging.DEBUG) #very useful debugging aiortc issues +# Monkey patch aiortc to control ephemeral ports +local_ports = list(range(60000, 60000+3000)) # Allowed ephemeral port range +loop = asyncio.get_event_loop() +old_create_datagram_endpoint = loop.create_datagram_endpoint +async def create_datagram_endpoint(self, protocol_factory, + local_addr: Tuple[str, int] = None, + **kwargs, +): + #if port is specified just use it + if local_addr and local_addr[1]: + return await old_create_datagram_endpoint(protocol_factory, local_addr=local_addr, **kwargs) + #if port is not specified make it use our range + ports = list(local_ports) + random.shuffle(ports) + for port in ports: + try: + ret = await old_create_datagram_endpoint( + protocol_factory, local_addr=(local_addr[0], port), **kwargs + ) + print('create_datagram_endpoint chose port', port) + return ret + except OSError as exc: + if port == ports[-1]: + # this was the last port, give up + raise exc + raise ValueError("local_ports must not be empty") +loop.create_datagram_endpoint = types.MethodType(create_datagram_endpoint, loop) + # default return language return_language = "en" From bef6aa96c6b9ad06d7060e744daac074822630e8 Mon Sep 17 00:00:00 2001 From: Kristian Kielhofner <563162+kristiankielhofner@users.noreply.github.com> Date: Thu, 2 Mar 2023 00:49:50 -0500 Subject: [PATCH 2/3] Update main.py Co-authored-by: Richard Klafter --- main.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/main.py b/main.py index 34382d9..48bde02 100644 --- a/main.py +++ b/main.py @@ -64,6 +64,8 @@ async def create_datagram_endpoint(self, protocol_factory, #if port is specified just use it if local_addr and local_addr[1]: return await old_create_datagram_endpoint(protocol_factory, local_addr=local_addr, **kwargs) + if local_addr is None: + return await old_create_datagram_endpoint(protocol_factory, local_addr=None, **kwargs) #if port is not specified make it use our range ports = list(local_ports) random.shuffle(ports) From 2a58b9de590ec517be2edc99518687a88e1f51f3 Mon Sep 17 00:00:00 2001 From: Kristian Kielhofner Date: Thu, 2 Mar 2023 05:56:16 +0000 Subject: [PATCH 3/3] Tighten UDP port range and remove docker host network mode --- main.py | 2 +- run.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/main.py b/main.py index 48bde02..0104ee8 100644 --- a/main.py +++ b/main.py @@ -54,7 +54,7 @@ async def new_handle_rtcp_packet(self, packet): #logging.basicConfig(level=logging.DEBUG) #very useful debugging aiortc issues # Monkey patch aiortc to control ephemeral ports -local_ports = list(range(60000, 60000+3000)) # Allowed ephemeral port range +local_ports = list(range(60000, 60000+100)) # Allowed ephemeral port range loop = asyncio.get_event_loop() old_create_datagram_endpoint = loop.create_datagram_endpoint async def create_datagram_endpoint(self, protocol_factory, diff --git a/run.sh b/run.sh index b42e672..eb76a15 100755 --- a/run.sh +++ b/run.sh @@ -10,9 +10,9 @@ else export CUDA_VISIBLE_DEVICES="0" fi -# -p 19000:8000 -p 8081:8080 +# -p "$PORT":8000 -p 60000-60100:60000-60100/udp docker run --rm -it --gpus all --shm-size=1g --ipc=host \ -v $PWD:/app -v $PWD/cache:/root/.cache -e CUDA_VISIBLE_DEVICES -e WEB_CONCURRENCY \ --name air-infer-api \ - --net host air-infer-api:latest \ + -p "$PORT":"$PORT" -p 60000-60100:60000-60100/udp air-infer-api:latest \ uvicorn main:app --host 0.0.0.0 --port "$PORT" --reload --ssl-keyfile="/app/key.pem" --ssl-certfile="/app/cert.pem"