Mailing list home
  Find posts   Help

Latest messageRecent messages

In this thread:
 First
 Prev
 Next
 See whole thread
By msg id:
 Prev: 10 Aug 2002 10:26
 Next: 10 Aug 2002 19:14

Other threads:
 Prev: file! and url!
 Next: imanXwin kludge

Same author:
 Prev: 10 Aug 2002 6:04
 Next: 12 Aug 2002 7:49

 Random message

Indexes:
 By topic
 By date
 By author
 By subject
Join the Mailing List....
AccessibilityAbout / FAQ
Member's loungeContact/FeedbackOther REBOL links
Membership:
member name

password

Remember?

Not a member? Please join
16-Aug 16:31 UTC
[0.058] 10.154k
Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

[REBOL] Re: Binding server ports to specific host IPs

From: gscottjones:mchsi at: 10-Aug-2002 10:53


Hi, Brian,

From: "Brian Hawley"

> My computer has several IP channels available to it: The ethernet card,
> localhost, and a couple VMware virtual networks. If I am setting up a
> server, how do I bind a listen port to just one or some of them, not all?
> I would like to set up local services that I would prefer not to be
> accessible to the outside world. I haven't found anything like this in
> the docs - they all seem to assume that all network channels are alike.
>
> For that matter, is there some way to set a net-mask or a list of IPs to
> limit who can connect to my service somewhere in the port settings, rather
> than manually checking every connection? I'm looking for speed and

security

> here...


I think I know one way to accomplish your task.  This works on my home
network.

If the hypothetical tiny-server IP is 192.168.1.100, then the following sets
up a "tiny server" that only answers if the connection-port comes from the
IP indicated in the code below:

server-port: open/lines tcp://:4321
forever [
    connection-port: first server-port
    until [
        wait connection-port
        either find [192.168.1.100] connection-port/host [
            error? try [do first connection-port]
        ][
            probe reduce join "intrusion from " connection-port/host
        ]
    ]
    close connection-port
]
close server-port

I can connect and use from the machine on IP 192.168.1.100 using:

server: open/lines tcp://192.168.1.100:4321
until [error? try [insert server ask "R> "]]
;close server

But from my wife's machine on 192.168.1.101 or by localhost, I the server
only reports an intrusion attempt.  More accepted IP's can be added to the
block:

...
either find [192.168.1.100 192.168.1.101] connection-port/host [
...

*****
Warning: This code has not been thoroughly tested and is likely to ruin your
computer, your business and your life. I suspect that even a 2 month old
infant hacker could easily circumvent this server.  It is meant to be a
comical satire of a real computer ip filter and is meant for pleasure
reading only at a distance no closer than 4000 meters from any computer.
*****

Hope that this is more useful than my last posts.
--Scott Jones

1 · 2 · 3 · 4 · 5 · 6 · [7] · 8 · See whole thread