Re: [External] org.apache.catalina.valves.RemoteAddrValve

2024-04-04 Thread Eric Fetzer
LOL, I'm decent at regex Robert.  I got the \d+ from what ships in the
context.xml:

127\.\d+\.\d+\.\d+

It looks like an attempt at saying localhost can get in as long as the
localhost IP starts with 127.  I assumed it wasn't actually regex but some
"tomcat language"...  Thanks for the education!  I'll jump back on here if
things don't work on the other side of the firewall...

On Thu, Apr 4, 2024 at 12:11 PM Robert Egan  wrote:

> You need to read up on "regular expressions" (or "regex").
>
> In a regular expression, a lowercase "d" is a single decimal digit. A "+"
> means one or more of them. A period means ANY character (which is why you
> have to escape it when you mean "period"). A backward slash means to treat
> the character immediately after it normally and not as a special character.
> So "\d" would mean the literal letter "d".
>
> There's more rules, but they're well documented all over the internet, so I
> won't elaborate.
>
> Robert Egan
>
>
> On Thu, Apr 4, 2024 at 2:01 PM Eric Fetzer  wrote:
>
> > Thanks for the quick response Robert!  So I tried escaping the periods
> and
> > putting the \d+ for the * but it didn't work.  Is the \d+ incorrect in
> > substitution for *?
> >
> > On Thu, Apr 4, 2024 at 11:53 AM Robert Egan 
> > wrote:
> >
> > > It looks like you need to escape your periods, like you did for 127\.
> > > etc...
> > > 1\.3\.5
> > > Robert Egan
> > >
> > > On Thu, Apr 4, 2024 at 1:44 PM Eric Fetzer 
> > wrote:
> > >
> > > > Hi All,
> > > >
> > > > When I originally set up my tomcat instance, I added the following to
> > > allow
> > > > manager access under
> /opt/tomcat/webapps/manager/META-INF/context.xml:
> > > >
> > > >  > > >  allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*" />
> > > >
> > > > That worked wonderfully.  Now I'm trying to add another IP range by
> > > > changing it to:
> > > >
> > > >  > > >
> allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*|2.4.6.*"
> > > />
> > > >
> > > > This is not working.  I tried to use 2\.4\.6\.\d+ as well but that
> > didn't
> > > > work either.  I've verified I can get to port 8080 from the IP
> > locations.
> > > > Any idea what I'm doing wrong or do you have a means to troubleshoot
> > > this?
> > > >
> > > > Thanks,
> > > > Eric
> > > >
> > >
> >
>


Re: [External] org.apache.catalina.valves.RemoteAddrValve

2024-04-04 Thread Eric Fetzer
Sorry folks (Robert), but upon further testing, it looks like port 8080
isn't open on these IP's.  I was mistaking the attempt to connect from my
curl command with a response.  I withdrawal my question for now.  I'll
reply to this thread if it doesn't work once the hole in the firewall is
carved properly.  Thanks!

On Thu, Apr 4, 2024 at 11:58 AM Eric Fetzer  wrote:

> Thanks for the quick response Robert!  So I tried escaping the periods and
> putting the \d+ for the * but it didn't work.  Is the \d+ incorrect in
> substitution for *?
>
> On Thu, Apr 4, 2024 at 11:53 AM Robert Egan 
> wrote:
>
>> It looks like you need to escape your periods, like you did for 127\.
>> etc...
>> 1\.3\.5
>> Robert Egan
>>
>> On Thu, Apr 4, 2024 at 1:44 PM Eric Fetzer  wrote:
>>
>> > Hi All,
>> >
>> > When I originally set up my tomcat instance, I added the following to
>> allow
>> > manager access under /opt/tomcat/webapps/manager/META-INF/context.xml:
>> >
>> > > >  allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*" />
>> >
>> > That worked wonderfully.  Now I'm trying to add another IP range by
>> > changing it to:
>> >
>> > > >  allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*|2.4.6.*"
>> />
>> >
>> > This is not working.  I tried to use 2\.4\.6\.\d+ as well but that
>> didn't
>> > work either.  I've verified I can get to port 8080 from the IP
>> locations.
>> > Any idea what I'm doing wrong or do you have a means to troubleshoot
>> this?
>> >
>> > Thanks,
>> > Eric
>> >
>>
>


Re: [External] org.apache.catalina.valves.RemoteAddrValve

2024-04-04 Thread Robert Egan
You need to read up on "regular expressions" (or "regex").

In a regular expression, a lowercase "d" is a single decimal digit. A "+"
means one or more of them. A period means ANY character (which is why you
have to escape it when you mean "period"). A backward slash means to treat
the character immediately after it normally and not as a special character.
So "\d" would mean the literal letter "d".

There's more rules, but they're well documented all over the internet, so I
won't elaborate.

Robert Egan


On Thu, Apr 4, 2024 at 2:01 PM Eric Fetzer  wrote:

> Thanks for the quick response Robert!  So I tried escaping the periods and
> putting the \d+ for the * but it didn't work.  Is the \d+ incorrect in
> substitution for *?
>
> On Thu, Apr 4, 2024 at 11:53 AM Robert Egan 
> wrote:
>
> > It looks like you need to escape your periods, like you did for 127\.
> > etc...
> > 1\.3\.5
> > Robert Egan
> >
> > On Thu, Apr 4, 2024 at 1:44 PM Eric Fetzer 
> wrote:
> >
> > > Hi All,
> > >
> > > When I originally set up my tomcat instance, I added the following to
> > allow
> > > manager access under /opt/tomcat/webapps/manager/META-INF/context.xml:
> > >
> > >  > >  allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*" />
> > >
> > > That worked wonderfully.  Now I'm trying to add another IP range by
> > > changing it to:
> > >
> > >  > >  allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*|2.4.6.*"
> > />
> > >
> > > This is not working.  I tried to use 2\.4\.6\.\d+ as well but that
> didn't
> > > work either.  I've verified I can get to port 8080 from the IP
> locations.
> > > Any idea what I'm doing wrong or do you have a means to troubleshoot
> > this?
> > >
> > > Thanks,
> > > Eric
> > >
> >
>


Re: [External] org.apache.catalina.valves.RemoteAddrValve

2024-04-04 Thread Eric Fetzer
Thanks for the quick response Robert!  So I tried escaping the periods and
putting the \d+ for the * but it didn't work.  Is the \d+ incorrect in
substitution for *?

On Thu, Apr 4, 2024 at 11:53 AM Robert Egan  wrote:

> It looks like you need to escape your periods, like you did for 127\.
> etc...
> 1\.3\.5
> Robert Egan
>
> On Thu, Apr 4, 2024 at 1:44 PM Eric Fetzer  wrote:
>
> > Hi All,
> >
> > When I originally set up my tomcat instance, I added the following to
> allow
> > manager access under /opt/tomcat/webapps/manager/META-INF/context.xml:
> >
> >  >  allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*" />
> >
> > That worked wonderfully.  Now I'm trying to add another IP range by
> > changing it to:
> >
> >  >  allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*|2.4.6.*"
> />
> >
> > This is not working.  I tried to use 2\.4\.6\.\d+ as well but that didn't
> > work either.  I've verified I can get to port 8080 from the IP locations.
> > Any idea what I'm doing wrong or do you have a means to troubleshoot
> this?
> >
> > Thanks,
> > Eric
> >
>


Re: [External] org.apache.catalina.valves.RemoteAddrValve

2024-04-04 Thread Robert Egan
It looks like you need to escape your periods, like you did for 127\. etc...
1\.3\.5
Robert Egan

On Thu, Apr 4, 2024 at 1:44 PM Eric Fetzer  wrote:

> Hi All,
>
> When I originally set up my tomcat instance, I added the following to allow
> manager access under /opt/tomcat/webapps/manager/META-INF/context.xml:
>
>   allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*" />
>
> That worked wonderfully.  Now I'm trying to add another IP range by
> changing it to:
>
>   allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*|2.4.6.*" />
>
> This is not working.  I tried to use 2\.4\.6\.\d+ as well but that didn't
> work either.  I've verified I can get to port 8080 from the IP locations.
> Any idea what I'm doing wrong or do you have a means to troubleshoot this?
>
> Thanks,
> Eric
>