Oh genius. Thanks! (Also thanks for pointing out the MASSIVE security hole I was trying to create for myself.)
On Thursday, January 15, 2015 at 6:19:04 AM UTC-5, Jony Hudson wrote: > > Hi Sam, > > I think `lein gorilla :ip 0.0.0.0 :port 55555` should work (it works on > my machine). And if your router is forwarding 55555 to that machine > correctly then it should be accessible from outside. `lein gorilla :ip > ROUTER_IP :port 55555` shouldn't work because ROUTER_IP isn't an IP address > bound to the machine, so it will not be able to run a server on it. > > More importantly, though, DO NOT DO THIS!!! The reason is that this will > give full access (with the privileges of the user running Gorilla) to > anyone on the internet. Stuff like reading, deleting all of your files etc > :-( Gorilla doesn't have any form of authentication mechanism built in, and > the server mode is really meant for trusted access only. If you want to run > Gorilla over a non-trusted network then you should set it up to use some > form of authentication. > > The solution I usually use for this sort of thing is to tunnel through > SSH. So, first of all make sure you can access SSH on THAT_COMPUTER ... if > your router allows you to forward 55555 external to 22 on THAT_COMPUTER > then that would work. If you can't control the target port then you might > need to run the SSH server on a different port (55555). > > Once you've got SSH running then you can run the Gorilla server on the > internal (loopback) IP i.e. the default setting. This is not accessible > from outside the machine, but it is accessible by the SSH server which is > running on the machine. So you can then use ssh tunnelling to access this > port from the outside machine. > > So: > > - set up router to forward ssh > - run `lein gorilla :port 55556` on THAT_COMPUTER > - on the remote machine `ssh -L 8090:127.0.0.1:55556 -p 55555 > me@ROUTER_IP`. This connects to the SSH server on 55555, and tells it to > route traffic from the local machine's port 8080 to the remote machine's > port 55556, which is the port that Gorilla is running on. This will be done > by the ssh server, internal to the remote machine, so does not need Gorilla > to be externally accessible. > - then you should be able to securely access Gorilla on the remote machine > at `http://localhost:8090/...` <http://localhost:8090/...>. SSH will > route this as described above. > > A diagram would really help here with all of the ports, but hopefully you > get the idea :-) > > > Jony > > On Thursday, 15 January 2015 01:01:56 UTC, Sam Raker wrote: >> >> I've got a computer with a bunch of clojure code on it, sitting at home >> on my home network. I've configured my router to forward port 55555 on that >> computer to port 55555 on the router itself, so that, at least in theory, >> ROUTER_IP:55555 should be forwarded to THAT_COMPUTER:55555, if that makes >> sense. I've done this same thing for a number of other things, including >> SSH, MySQL, etc. >> >> When I'm at home, I can fire up `lein gorilla :ip THAT_COMPUTER :port >> 55555` and then go to http://THAT_COMPUTER:55555/worksheet.html, or, >> more directly, `lein repl :headless THAT_COMPUTER:55555`/`lein repl >> :connect THAT_COMPUTER:55555`, and it works. I'm trying to do the same from >> not-at-home, no dice. (For the curious: I can SSH into THAT_COMPUTER, but >> the connection is REALLY slow.) >> >> I've tried `lein gorilla :ip ROUTER_IP :port 55555` (from THAT_COMPUTER), >> but get a java.net.BindException about not being able to assign the >> requested address--which makes sense--but `lein gorilla :ip 0.0.0.0 :port >> 55555` doesn't seem to work either. Same with `lein repl :headless :host >> 0.0.0.0.0 :port 55555`. >> >> >> Any suggestions? Is this just not a thing I can do with these tools at >> this point in their development? Is this a thing that should just work and >> possibly my dumb router or some other thing is screwing it up? >> >> >> >> Thanks! >> -sam >> > -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en --- You received this message because you are subscribed to the Google Groups "Clojure" group. To unsubscribe from this group and stop receiving emails from it, send an email to clojure+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
