Hi David; I have not dug into the bowels of the HAPI Server implementation, so I could be off base, but I’ll throw this our there nonetheless. I believe you have several options, one of which you mention….using the firewall.
Other options 1) Programmatic: implement your own “baby application firewall” a: allow the connection b: before doing anything else, grab the connection socket c: compare to a list of IPs that you’ll “accept” (assuming you know what they are) d: if sourceIP Is not on your list, close the socket. If IP is allowed, then proceed as normal 2: Programmatic: a: the server socket accept() can be overridden (if using Java) b: perhaps the IP list can be checked there before establishing an actual connection Some type of middleware: 2) add a load balancer. There are open source load balancers out (HAProxy, NGINX). It can do the Ip Address filtering for you. If you are worried about some type of DOS attack, you’ll certainly want to be auditing traffic to see where its coming from. Good Luck Walter > On Sep 25, 2020, at 6:32 AM, david.mblackburn--- via Hl7api-devel > <hl7api-devel@lists.sourceforge.net> wrote: > > Hi All, > > I have been using HL7 HAPI for a while now but have been recently asked if we > could restrict the server listener so that only designated ip addresses can > connect, when invoking the server there doesn’t appear to be a way to do this > unless I use an external firewall on the server machine, any thoughts? > > Rgds > DavidB. > > > <http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient> > Virus-free. www.avg.com > <http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient> > > <x-msg://34/#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>_______________________________________________ > Hl7api-devel mailing list > Hl7api-devel@lists.sourceforge.net <mailto:Hl7api-devel@lists.sourceforge.net> > https://lists.sourceforge.net/lists/listinfo/hl7api-devel > <https://lists.sourceforge.net/lists/listinfo/hl7api-devel>
_______________________________________________ Hl7api-devel mailing list Hl7api-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/hl7api-devel