we have a GAE email receiver, which is able to receive email from specific IP, now our we want to emails from this IP only , and reject others ip.
we use GAE-firewall to set deny all but only allow this ip, but it does not work. I set deny all ip as default(the default rule),then set allow rule for specific IP with priority, I could use browser to access this app-engine instance, but firewall rejects all coming emails, include the my laptop which I can access this app-engine instance by browser, how should I config that to achieve receive email from specific IP only?
the seting is:
priority for specific ip is "1",
priority for deny all is "default",sorry for the image not shown
Related
I am using PAM authentication to authenticate with my linux server. I have created a view on my website through Apache2 where I can use python to manually validate each login through a web shell with facial recognition and two factor authentication. This is working, but I can't seem to recover the IP address of the incoming connection. I need a way to find the IP address of my connection to the server before SSH is connected, in the PAM module which is running Python. I would like to use bash for this.
I am trying to execute commands to recover the IP address, I tried using "who" and other commands to see incoming SSH connections to no avail. I also tried using "echo $PAM_RHOST" and "$SSH_CLIENT" and "$SSH_CONNECTION" with no success.
I ended up using the auth.log which seems to work perfectly. All I had to do was reverse the log and get the last IP. The below code also collects unique IPs in order of the last login.
`
output = run_command('sudo tail -500 /var/log/auth.log')
op = output.split('\n')
op.reverse()
output = '\n'.join(op)
def unique(thelist):
u = []
for i in thelist:
if i not in u: u.append(i)
return u
ips = unique(re.findall('Accepted publickey for user from ([\d]+\.[\d]+\.[\d]+\.[\d]+)', output))
ip = ips[0]
print(ip) # The last IP
`
I need to relay an email received to an SMTP server to multiple other emails. I would like to keep all the original content, header, from email and ip address. Is this possible and what service or open source software can I use for this? I'd like to have an API option, don't care about spam filter or anything else, I only need a simple relay/redirect.
Example:
Email A from SenderA is sent to SenderB (SMTP Proxy)
SenderB (SMTP Proxy) redirects email to SenderC and SenderD
We've below netwrok setup
Internal server ip : 192.168.153.20:443
Public router ip : 111.93.87.11:26060
We've port forwarding in router : 111.93.87.11:26060 to 192.168.153.20:443
So when we first access 192.168.153.20:443(Internal server ip) it runs/execute django application ( First time )
Now when we access 111.93.87.11:26060 (Public router ip) - due to port forwarding it comes to internal server ip but as apache receives host:111.93.87.11:26060,apache execute/run whole django application second time.
So ulimately our application is being run two times for ip i.e internal ip and public router ip.
This is creating very critical issue.
This is may be due to Apache configuration.
We need to run single instance for both internal and external IP. But it seems Apache parsing host name and running different instance for new external IP
For reference
Apache configuration attached in image
Actually we've to add/provide Public IP in server name as when any request comes it checks and matches with server name if is found then it will execute the same and to pass a request we've to use ProxyPass
Final public router ip working with SSL
Added below lines in httpd-ssl.conf file
ServerName 111.93.87.11
SSLEngine on
SSLProxyEngine on
SSLCertificateFile "/usr/local/vcs/cert/certs/DefaultServerCert_VCS.pem"
SSLCertificateKeyFile "/usr/local/vcs/cert/certs/key/DefaultServerCert_VCS.key"
ProxyPass "/" "https://192.168.153.120:443/"
I have setup a django app on a apache server in a VM. The site is accessible when I use the apache server IP in the VM browser. It is also accessible from the host browser through it's local IP. But, I cannot access it through the public IP over the internet. I get a site can't be reached error
I have set up port forwarding such that:
1. All router requests on port 80 are forwarded to local IP
2. All requests to local IP on port 80 are forwarded to the VM
I checked if my port is open on my public ip using http://www.yougetsignal.com/tools/open-ports/
It says that my port is closed. Same results with http://canyouseeme.org/
I am able to ping my public ip successfully.
I have tried disabling all my firewalls but this has not helped. Please tell me if you need any code to be shared. Any help would be appreciated.
Edit:
Extra information: It seems my router's WAN IP is different from my public IP. I can access the site through the WAN IP from the host browser but again, I am not able to access it over the internet.
You just need a public IP address or push your application to the hosting (like this for example https://gpdhost.com/offers/).
ToDo: learn DMZ, learn WAN-LAN packet forwarding process, learn TCP/IP routing, learn public and private IP addressing and learn NAT.
Description: http/https connection conversation (client-outside vs your-server):
1) client: in browser write: sharan-site/;
2) get IP by DNS name from public servers? But public servers don't know your ip:dns-name pair...
=> fail
next example:
1) client: 192.168.1.1/ - where IP is your server
2) so where is it?
=> nowhere, it is private IP address! Fail...
Desc+: Port forwarding it is NAT feature. Your router must have public IP address, and you must setup DMZ like scheme in your local network: https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/13772-12.html
Desc++: that sites check outside tcp/80 port on your router and PC, and it's open, no questions... But this no help for your task.
When I make request to a url, I believe the ip address of the client is sent to the server. And in that case the ip address must be present in request header, or am I wrong?
So, I say
import requests
resp = requests.get("http://localhost:8000/test")
print resp.request.headers
But I can't see any ip address when printing resp.request.headers, so how can I view the ip address of client. And if I can't see it as part of resp.request.headers, how does server get the ip address of the client if it isn't present in request header?
IP address is not set by client, it is part of the connection. Quote from here:
(remote address) is taken from the ip address that hits the http server and not in
the request. as if you are behind a proxy you would only see the ip of
the proxy. it doesnt touch the http header data
A server gets a connection, natrually it also knows where it comes from.