Re: [go-nuts] Reject Unknown clients
HI Sam, For feature parity purpose we wanted(if possible in golang) to handle this in code itself instead of using other methods. We are checking if any way is there in Go to reject connections at http server level it self or else we will start using iptables. Regards Naveen S On Thu, Aug 4, 2016 at 10:45 PM, Sam Whitedwrote: > On Thu, Aug 4, 2016 at 9:17 AM, Naveen Shivegowda > wrote: > > Is it possible to make http servers listen only on a few source ip's and > > request from any other source should be rejected? > > Out of curiosity, is there a reason you don't want to use a firewall > for this? iptables and pf are pretty great. Or, if you're already > terminating HTTP elsewhere with a loadbalancer like HAProxy you can do > it at that level. Plenty of options that don't require more > application code. > > —Sam > > > -- > Sam Whited > pub 4096R/54083AE104EA7AD3 > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [go-nuts] Reject Unknown clients
This is not necessarily directed at the OP but anyone considering this approach: If you already know about ip spoofing attack, great. Otherwise, do proceed with that in mind. -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [go-nuts] Reject Unknown clients
Sam, I'm guessing but a lot of (non-commercial) folks use an inexpensive "wireless router" with NAT as their "firewall". Besides, the application code is trivial. Probably less than a hundred lines. Potentially s a good teaching moment for using go and how it does http. On the other hand - if this was for a business I'd have to agree with you on using a proper firewall. On Thursday, August 4, 2016 at 1:16:42 PM UTC-4, Sam Whited wrote: > > On Thu, Aug 4, 2016 at 9:17 AM, Naveen Shivegowda> wrote: > > Is it possible to make http servers listen only on a few source ip's and > > request from any other source should be rejected? > > Out of curiosity, is there a reason you don't want to use a firewall > for this? iptables and pf are pretty great. Or, if you're already > terminating HTTP elsewhere with a loadbalancer like HAProxy you can do > it at that level. Plenty of options that don't require more > application code. > > —Sam > > > -- > Sam Whited > pub 4096R/54083AE104EA7AD3 > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[go-nuts] Reject Unknown clients
Is it possible to make http servers listen only on a few source ip's and request from any other source should be rejected? -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.