[REBOL] Re: Binding server ports to specific host IPs
From: brian:hawley at: 9-Aug-2002 18:41
At 09:45 AM 8/9/02 -0500, G. Scott Jones wrote:
>From: "Brian Hawley"
> > My computer has several IP channels
> > available to it: The ethernet card,
> > localhost, and a couple VMware virtual
> > networks. If I am setting up a
> > server, how do I bind a listen port to just
> > one or some of them, not all?
> > I would like to set up local services that
> > I would prefer not to be
> > accessible to the outside world. I haven't
> > found anything like this in
> > the docs - they all seem to assume that
> > all network channels are alike.
>I probably have more questions than answers, because I believe that the best
>answer will depend on certain information.
>The implied risk of which I suspect that you are concerned is the risk of
>external Internet access to your proposed REBOL server.
[ Huge amounts of useful information snipped :) ]
I thank you for all of this information, but I've already gone
through these steps. I do know about networking, I just forget
the jargon terms for things :)
>The third but less desirable option is hooking your REBOL server
>to the localhost address (127.0.0.1).
Actually, that is exactly one of the things that I want to do.
>Once your development machine is on a non-Internet-routable address, like
>the 192.168.x.x range, then you can hook your server to a port for
>listening, as seen at
>You should be able to specify the actual IP that you wish to use on your
>server-port: open/lines tcp://192.168.0.1:4321
You should, but what you have just done is open a client port.
A server port is opened from specs like tcp://:4321 . You are
not given the opportunity to specify which of your server IPs
to bind to, or if you are I am asking would like to know how.
Say I have a 2k machine, with one NIC, running VMware. I would
then have 4 IPs for that machine, each on a different subnet.
This info is typical for a computer behind a NAT firewall.
localhost 127.0.0.1 255.0.0.0
(the NIC) 192.168.123.100 255.255.255.0
(VMware host-only net) 192.168.17.1 255.255.255.0
(VMware internal NAT) 192.168.119.1 255.255.255.0
I would like to use something like this:
open/custom tcp://:4321 [ips [188.8.131.52 192.168.17.1]]
or perhaps even use the names specified when you
get-modes port 'interfaces
It should be possible, but I don't know the exact syntax.
>If your machine is directly addressable to the Internet, but you have a fire
>wall installed, then in theory you only need to set the firewall to filter
>out any external access to the desired port.
Most internal firewall software restricts on a program
basis, not per-script. If you enable a port for one REBOL
script you have enabled it for all of them. This is not
my problem, though.
I just want to set up local servers to handle non-REBOL
standard protocols for client programs written in other
languages. Seems simple enough to me...
At 05:26 PM 8/9/02 +0200, Petr Krenzelok wrote:
>So once again,
>port: open tcp://:9005
>probe get-modes port 'interfaces
>Is that what you wanted?
No. I found that in the docs. What I want is to bind listen
ports to only a subset of the IPs available on my machine.
access hasn't helped me much there, I'm afraid :(