Re: [Zope] Intercept request
(Mon, Jan 07, 2008 at 08:18:14AM -0600) David Chelimsky wrote/schrieb/egrapse: The use case is that my client wants to block a range of IP addresses from being able to view their site. So I need to access the originating IP address and filter appropriately. You might also want to look at http://betabug.ch/wiki/HoneyPotBL which is a module that accesses the projecthoneypot.org HTTP blacklist database. The actual code to block access is not in this module (as I believe it's application specific), but anyway it might be interesting. Regards, Sascha ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Intercept request
--On 7. Januar 2008 08:00:27 -0600 David Chelimsky [EMAIL PROTECTED] wrote: Hi, I want to show different things to different viewers based on their IP addresses. How can I do this? Basically you look at the clients ip address (from the REQUEST object) and perform any action you need (redirections, conditions within scripts, templates)...but no idea what the sense of this usecase is. If you have different audiences, setup sites with different content or something similar. In addition: using Zope behind proxy will lead in request coming from the IP address of your reverse proxy. Additional configuration/programming is necessary to get hold of the original IP. -aj pgpvK0Zz0ecuC.pgp Description: PGP signature ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Intercept request
On Jan 7, 2008 8:06 AM, Andreas Jung [EMAIL PROTECTED] wrote: --On 7. Januar 2008 08:00:27 -0600 David Chelimsky [EMAIL PROTECTED] wrote: Hi, I want to show different things to different viewers based on their IP addresses. How can I do this? Basically you look at the clients ip address (from the REQUEST object) and perform any action you need (redirections, conditions within scripts, templates)...but no idea what the sense of this usecase is. If you have different audiences, setup sites with different content or something similar. In addition: using Zope behind proxy will lead in request coming from the IP address of your reverse proxy. Additional configuration/programming is necessary to get hold of the original IP. Thanks for the reply. The use case is that my client wants to block a range of IP addresses from being able to view their site. So I need to access the originating IP address and filter appropriately. I've written a few custom zope products before, but I've not done anything that really modifies zope's behaviour on every request - just on requests for the specific objects I'm publishing. So I'm familiar with the request object, but I don't know how to intercept *every* request. Are there any global request life-cycle hooks? If you can point me to those that would be a great help. Cheers, David ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Intercept request
On Jan 7, 2008, at 9:00 AM, David Chelimsky wrote: Hi, I want to show different things to different viewers based on their IP addresses. How can I do this? Cheers, David swap out theipaddress with the actual IP. dtml-if REMOTE_ADDR == 'theipaddress' true dtml-elif HTTP_X_FORWARDED_FOR == 'theipaddress' true dtml-else false /dtml-if Tom ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Intercept request
--On 7. Januar 2008 08:18:14 -0600 David Chelimsky [EMAIL PROTECTED] wrote: On Jan 7, 2008 8:06 AM, Andreas Jung [EMAIL PROTECTED] wrote: --On 7. Januar 2008 08:00:27 -0600 David Chelimsky [EMAIL PROTECTED] wrote: Hi, I want to show different things to different viewers based on their IP addresses. How can I do this? Basically you look at the clients ip address (from the REQUEST object) and perform any action you need (redirections, conditions within scripts, templates)...but no idea what the sense of this usecase is. If you have different audiences, setup sites with different content or something similar. In addition: using Zope behind proxy will lead in request coming from the IP address of your reverse proxy. Additional configuration/programming is necessary to get hold of the original IP. Thanks for the reply. The use case is that my client wants to block a range of IP addresses from being able to view their site. You have a firewall for this purpose or you use apache rewrite rules for performing URL rewriting. -aj pgpZ4UZxAVLPR.pgp Description: PGP signature ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Intercept request
On Jan 7, 2008, at 9:18 AM, David Chelimsky wrote: On Jan 7, 2008 8:06 AM, Andreas Jung [EMAIL PROTECTED] wrote: --On 7. Januar 2008 08:00:27 -0600 David Chelimsky [EMAIL PROTECTED] wrote: Hi, I want to show different things to different viewers based on their IP addresses. How can I do this? Basically you look at the clients ip address (from the REQUEST object) and perform any action you need (redirections, conditions within scripts, templates)...but no idea what the sense of this usecase is. If you have different audiences, setup sites with different content or something similar. In addition: using Zope behind proxy will lead in request coming from the IP address of your reverse proxy. Additional configuration/programming is necessary to get hold of the original IP. Thanks for the reply. The use case is that my client wants to block a range of IP addresses from being able to view their site. So I need to access the originating IP address and filter appropriately. I've written a few custom zope products before, but I've not done anything that really modifies zope's behaviour on every request - just on requests for the specific objects I'm publishing. So I'm familiar with the request object, but I don't know how to intercept *every* request. Are there any global request life-cycle hooks? If you can point me to those that would be a great help. Cheers, David If you just need to redirect traffic from an IP range, and not do anything fancy, it may be better to do it in Apache rather than Zope. http://wiki.zope.org/zope2/ZopeAndApache Tom ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Intercept request
On Jan 7, 2008 8:23 AM, Andreas Jung [EMAIL PROTECTED] wrote: --On 7. Januar 2008 08:18:14 -0600 David Chelimsky [EMAIL PROTECTED] wrote: On Jan 7, 2008 8:06 AM, Andreas Jung [EMAIL PROTECTED] wrote: --On 7. Januar 2008 08:00:27 -0600 David Chelimsky [EMAIL PROTECTED] wrote: Hi, I want to show different things to different viewers based on their IP addresses. How can I do this? Basically you look at the clients ip address (from the REQUEST object) and perform any action you need (redirections, conditions within scripts, templates)...but no idea what the sense of this usecase is. If you have different audiences, setup sites with different content or something similar. In addition: using Zope behind proxy will lead in request coming from the IP address of your reverse proxy. Additional configuration/programming is necessary to get hold of the original IP. Thanks for the reply. The use case is that my client wants to block a range of IP addresses from being able to view their site. You have a firewall for this purpose or you use apache rewrite rules for performing URL rewriting. Our host uses nginx, not apache. We can still do this w/ nginx configuration, but it means maintaining a configuration file rather than application code (which in my experience is more flexible/maintainable). Right now I'm just exploring options, so I'd still like to know how I can do this with Zope. Thanks, David -aj ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Intercept request
--On 7. Januar 2008 08:35:50 -0600 David Chelimsky [EMAIL PROTECTED] wrote: On Jan 7, 2008 8:23 AM, Andreas Jung [EMAIL PROTECTED] wrote: --On 7. Januar 2008 08:18:14 -0600 David Chelimsky [EMAIL PROTECTED] wrote: On Jan 7, 2008 8:06 AM, Andreas Jung [EMAIL PROTECTED] wrote: --On 7. Januar 2008 08:00:27 -0600 David Chelimsky [EMAIL PROTECTED] wrote: Hi, I want to show different things to different viewers based on their IP addresses. How can I do this? Basically you look at the clients ip address (from the REQUEST object) and perform any action you need (redirections, conditions within scripts, templates)...but no idea what the sense of this usecase is. If you have different audiences, setup sites with different content or something similar. In addition: using Zope behind proxy will lead in request coming from the IP address of your reverse proxy. Additional configuration/programming is necessary to get hold of the original IP. Thanks for the reply. The use case is that my client wants to block a range of IP addresses from being able to view their site. You have a firewall for this purpose or you use apache rewrite rules for performing URL rewriting. Our host uses nginx, not apache. We can still do this w/ nginx configuration, but it means maintaining a configuration file rather than application code (which in my experience is more flexible/maintainable). This issue is a configuration and not an application issue. So it basically does not belong into Zope. -aj pgpR36ROmZscS.pgp Description: PGP signature ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Intercept request
+---[ Andreas Jung ]-- | | This issue is a configuration and not an application issue. So it basically | does not belong into Zope. That's a pretty narrow view in my opinion. We nearly all already display different content to different classes of user, I fail to see how grouping those users by IP address is really any different. -- Andrew Milton [EMAIL PROTECTED] ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Intercept request
--On 8. Januar 2008 01:49:21 +1100 Andrew Milton [EMAIL PROTECTED] wrote: +---[ Andreas Jung ]-- | | This issue is a configuration and not an application issue. So it | basically does not belong into Zope. That's a pretty narrow view in my opinion. We nearly all already display different content to different classes of user, I fail to see how grouping those users by IP address is really any different. Narrow or not..it does not belong into directly in Zope in my opinion. If you were using Plone for example as CMS, you could create your PAS plugin providing dedicated roles for different IP ranges (or something similar) and control the visibility of content through the standard Zope security by granting View permission (and others) to the related roles. -aj pgp9nrM3fwgbd.pgp Description: PGP signature ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Intercept request
On Jan 7, 2008 8:35 AM, David Chelimsky [EMAIL PROTECTED] wrote: On Jan 7, 2008 8:23 AM, Andreas Jung [EMAIL PROTECTED] wrote: --On 7. Januar 2008 08:18:14 -0600 David Chelimsky [EMAIL PROTECTED] wrote: On Jan 7, 2008 8:06 AM, Andreas Jung [EMAIL PROTECTED] wrote: --On 7. Januar 2008 08:00:27 -0600 David Chelimsky [EMAIL PROTECTED] wrote: Hi, I want to show different things to different viewers based on their IP addresses. How can I do this? Basically you look at the clients ip address (from the REQUEST object) and perform any action you need (redirections, conditions within scripts, templates)...but no idea what the sense of this usecase is. If you have different audiences, setup sites with different content or something similar. In addition: using Zope behind proxy will lead in request coming from the IP address of your reverse proxy. Additional configuration/programming is necessary to get hold of the original IP. Thanks for the reply. The use case is that my client wants to block a range of IP addresses from being able to view their site. You have a firewall for this purpose or you use apache rewrite rules for performing URL rewriting. Our host uses nginx, not apache. We can still do this w/ nginx configuration, but it means maintaining a configuration file rather than application code (which in my experience is more flexible/maintainable). Right now I'm just exploring options, so I'd still like to know how I can do this with Zope. BTW - I'm using ZPT, not DTML. I'm guessing I can do this with a simple script that I include on every page, yes? That could work, but seems a bit error prone - that's why I'm looking for some sort of request hook. But maybe that's my best option within Zope. Thoughts? Thanks, David -aj ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Intercept request
Andreas Jung wrote at 2008-1-7 16:04 +0100: Narrow or not..it does not belong into directly in Zope in my opinion. If you were using Plone for example as CMS, you could create your PAS plugin providing dedicated roles for different IP ranges (or something similar) and control the visibility of content through the standard Zope security by granting View permission (and others) to the related roles. And this solution is possible in Zope, too (after PluggableAuthService) has been installed). And of course, this solution is in Zope (and not the web server or the firewall). -- Dieter ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )