[英]Only allow computers on the same network using Express-ip-filter
So I'm using localtunnel
to expose my ports over the internet, but I only want to let devices on the same network as the server access the server. 因此,我正在使用
localtunnel
在Internet上公开我的端口,但我只想让与服务器位于同一网络上的设备访问服务器。
I'm using express-ip-filter
to filter away anything that's on a different network. 我正在使用
express-ip-filter
过滤掉其他网络上的所有内容。 I tried a few things: first I tried using 192.168.1.0/24
as the only ips that could access the website, but that didn't work, as it didn't let anything in. I then tried using the ip I got from WhatsMyIp, but that wouldn't let any device in. I then found out that express-ip-filter
spits out a message saying that a certain ip was not allowed and, on every device, independently on the network it was connected to, the address was 127.0.0.1
. 我尝试了几件事:首先,我尝试使用
192.168.1.0/24
作为唯一可以访问该网站的ip,但这没有用,因为它没有让任何东西进入。然后,我尝试使用从中获取的ip WhatsMyIp,但这不会让任何设备进入。然后我发现, express-ip-filter
一条消息,指出不允许使用某个ip,并且在每个设备上,独立于它所连接的网络,地址是127.0.0.1
。 I tried confirming by only allowing 127.0.0.1
, and then every device could access the server. 我尝试仅通过允许
127.0.0.1
确认,然后每个设备都可以访问服务器。 Why would ip-filter only get 127.0.0.1 as ip? 为什么ip过滤器仅将127.0.0.1作为ip获得? Here's my code as a reference:
这是我的代码作为参考:
// Init dependencies
var express = require('express'),
ipfilter = require('express-ipfilter').IpFilter
app = express()
// Blacklist the following IPs
var ips = ['192.168.1.0/24']
// Create the server
app.use(ipfilter(ips, { mode: "allow" }))
app.get('/', function (req, res) {
res.send('Hi')
})
app.listen(8080, () => console.log('Up'))
From my limited understanding of localtunnel
it seems like it proxies users requests to you via the localtunnel software which causes all users to have the same IP. 根据我对
localtunnel
有限了解,似乎它通过localtunnel软件代理了用户对您的请求,这导致所有用户都具有相同的IP。 In laymans terms: 用外行术语来说:
localtunnel
localtunnel
连接到您的站点 localtunnel
copies the users request and sends it to your computer localtunnel
复制用户请求并将其发送到您的计算机 localtunnel
because it's incredibly difficult if not impossible for localtunnel
to imitate someone else's IP. localtunnel
因为localtunnel
模仿别人的IP并非没有困难,这是非常困难的。 Why use localtunnel
at all if you only want devices on the same network to connect, you don't need to do any port forwarding or DNS setup if you just want to access another machine on the same local network. 如果只希望连接同一网络上的设备,而只想访问同一本地网络上的另一台计算机,则无需进行任何端口转发或DNS设置,为什么要使用
localtunnel
。
If you really do need to tunnel connections then there is a solution, not with localtunnel(Which as far as i can tell does not use forwading headers, although if someone knows if they do ill change my answer) but using https://ngrok.com instead which does exactly the same thing but also sends a little extra bit of data in every request which tells the application what the clients actual IP is. 如果您确实确实需要通过隧道建立连接,那么有一个解决方案,而不是使用localtunnel(据我所知,它不使用forwading标头,尽管有人知道它们是否会改变我的答案),而是使用https:// ngrok .com相反,它执行完全相同的操作,但是在每个请求中还会发送一点额外的数据,从而告诉应用程序客户端的实际IP是什么。
ngrok http -subdomain=(the subdomain you want) 80
ngrok http -subdomain=(the subdomain you want) 80
Edit your application code to find the real client IP 编辑您的应用程序代码以查找真实的客户端IP
var findProxyIP = function(req) { var realIP = req.header('x-forwarded-for'); return realIP; } app.use(ipfilter(ips, { mode: "allow", detectIP: findProxyIP }));
ngrok is much more complex and has a lot more features compared to localtunnel, however, it is freemium software and its free plan is quite limiting. 与localtunnel相比,ngrok更加复杂并且具有更多功能,但是,它是免费增值软件,其免费计划非常有限。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.