Re: [go-nuts] Reject Unknown clients

2016-08-09 Thread Naveen Shivegowda 
HI Sam,

For feature parity purpose we wanted(if possible in golang) to handle this
in code itself instead of using other methods.
We are checking if any way is there in Go to reject connections at http
server level it self or else we will start using iptables.

Regards
Naveen S

On Thu, Aug 4, 2016 at 10:45 PM, Sam Whited  wrote:

> On Thu, Aug 4, 2016 at 9:17 AM, Naveen Shivegowda 
> wrote:
> > Is it possible to make http servers listen only on a few source ip's and
> > request from any other source should be rejected?
>
> Out of curiosity, is there a reason you don't want to use a firewall
> for this? iptables and pf are pretty great. Or, if you're already
> terminating HTTP elsewhere with a loadbalancer like HAProxy you can do
> it at that level. Plenty of options that don't require more
> application code.
>
> —Sam
>
>
> --
> Sam Whited
> pub 4096R/54083AE104EA7AD3
>

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [go-nuts] Reject Unknown clients

2016-08-04 Thread Kiki Sugiaman 
This is not necessarily directed at the OP but anyone considering this 
approach:
If you already know about ip spoofing attack, great. Otherwise, do 
proceed with that in mind.


--
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [go-nuts] Reject Unknown clients

2016-08-04 Thread Hotei 
Sam,
I'm guessing but a lot of (non-commercial) folks use an inexpensive 
"wireless router" with NAT as their "firewall".  Besides, the application 
code is trivial.  Probably less than a hundred lines.  Potentially s a good 
teaching moment for using go and how it does http.  On the other hand - if 
this was for a business I'd have to agree with you on using a proper 
firewall.

On Thursday, August 4, 2016 at 1:16:42 PM UTC-4, Sam Whited wrote:
>
> On Thu, Aug 4, 2016 at 9:17 AM, Naveen Shivegowda  > wrote: 
> > Is it possible to make http servers listen only on a few source ip's and 
> > request from any other source should be rejected? 
>
> Out of curiosity, is there a reason you don't want to use a firewall 
> for this? iptables and pf are pretty great. Or, if you're already 
> terminating HTTP elsewhere with a loadbalancer like HAProxy you can do 
> it at that level. Plenty of options that don't require more 
> application code. 
>
> —Sam 
>
>
> -- 
> Sam Whited 
> pub 4096R/54083AE104EA7AD3 
>

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[go-nuts] Reject Unknown clients

2016-08-04 Thread Naveen Shivegowda 
Is it possible to make http servers listen only on a few source ip's and 
request from any other source should be rejected?

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.