I'm trying to limit which clients are allowed to connect to my TLS server by their IPs.
I know I can do that after Accept: check their IPs and close the connection if they're not whitelisted. But that means the full TLS handshake has to complete before I can do that. Another option is that I can use nftables to whitelist clients at the kernel level. But to do that, I either have to spawn a subprocess to call nft, which is kinda slow, or use google/nftables, which isn't production ready yet (also missing some features I need). Is there any way I can drop the TLS connection when a client sends SYN? Thanks in advance.
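An added example, not part of the original post: a `net.Listener` wrapper that checks the peer address on the raw TCP connection and closes non-allowlisted peers before the TLS layer reads anything. The `allowListener` type and the `192.0.2.0/24` prefix are constructed for illustration. `Accept` only ever returns connections whose TCP handshake the kernel has already completed, and connections from `tls.NewListener` run the TLS handshake lazily on first read or write.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net"
	"net/netip"
)

// allowListener drops non-allowlisted peers at Accept, before any TLS bytes are read.
type allowListener struct {
	net.Listener
	allowed []netip.Prefix
}

func (l *allowListener) permits(addr net.Addr) bool {
	tcp, ok := addr.(*net.TCPAddr)
	if !ok {
		return false // fail closed on non-TCP peers
	}
	ip := tcp.AddrPort().Addr().Unmap() // treat ::ffff:a.b.c.d as IPv4
	for _, p := range l.allowed {
		if p.Contains(ip) {
			return true
		}
	}
	return false
}

func (l *allowListener) Accept() (net.Conn, error) {
	for {
		c, err := l.Listener.Accept()
		if err != nil || l.permits(c.RemoteAddr()) {
			return c, err
		}
		c.Close() // rejected: no ClientHello read, no TLS work done
	}
}

func main() {
	inner, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		panic(err)
	}
	// Constructed allowlist; a real server also sets Certificates in the config.
	filter := &allowListener{inner, []netip.Prefix{netip.MustParsePrefix("192.0.2.0/24")}}
	ln := tls.NewListener(filter, &tls.Config{})
	defer ln.Close()
	fmt.Println("filtered TLS listener on", ln.Addr())
}
```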