Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

[REBOL] Re: Binding server ports to specific host IPs

From: gscottjones:mchsi at: 10-Aug-2002 10:53

Hi, Brian, From: "Brian Hawley"
> My computer has several IP channels available to it: The ethernet card, > localhost, and a couple VMware virtual networks. If I am setting up a > server, how do I bind a listen port to just one or some of them, not all? > I would like to set up local services that I would prefer not to be > accessible to the outside world. I haven't found anything like this in > the docs - they all seem to assume that all network channels are alike. > > For that matter, is there some way to set a net-mask or a list of IPs to > limit who can connect to my service somewhere in the port settings, rather > than manually checking every connection? I'm looking for speed and
security
> here...
I think I know one way to accomplish your task. This works on my home network. If the hypothetical tiny-server IP is 192.168.1.100, then the following sets up a "tiny server" that only answers if the connection-port comes from the IP indicated in the code below: server-port: open/lines tcp://:4321 forever [ connection-port: first server-port until [ wait connection-port either find [192.168.1.100] connection-port/host [ error? try [do first connection-port] ][ probe reduce join "intrusion from " connection-port/host ] ] close connection-port ] close server-port I can connect and use from the machine on IP 192.168.1.100 using: server: open/lines tcp://192.168.1.100:4321 until [error? try [insert server ask "R> "]] ;close server But from my wife's machine on 192.168.1.101 or by localhost, I the server only reports an intrusion attempt. More accepted IP's can be added to the block: ... either find [192.168.1.100 192.168.1.101] connection-port/host [ ... ***** Warning: This code has not been thoroughly tested and is likely to ruin your computer, your business and your life. I suspect that even a 2 month old infant hacker could easily circumvent this server. It is meant to be a comical satire of a real computer ip filter and is meant for pleasure reading only at a distance no closer than 4000 meters from any computer. ***** Hope that this is more useful than my last posts. --Scott Jones