I am making a Python application that requires the server to have an FTP port forwarded to his computer(a Rasberry PI3) in order to communicate with client. The current implementation works quite great, yet the only thing is that the person who's running the file must forward the port to the local IP manually. I want to automate this. I have serached a lot but i didnt find anything.
Related
I have an app running on my Raspberry Pi 3b+ on an internal IP address of http://192.168.1.8/app/
http://192.168.1.8:8080/app/
I would like to be able to access this from a remotely hosted python script on Heroku.
Currently I have the script running locally on my laptop, but only works when Im on the same internal network. I would like to have the python script running remotely so I can be away from the Pi and it still runs.
I ran all the usual whatsmyIP.com tools, and have the remote IP, but its the external IP of my router, not the Pi.
Does anyone have any suggestions of how I could make this work?
Thanking you in advance of any advice you can provide.
All the best,
Simon
You should look at Port Forwarding. Which port you forward depends on the settings of your RPi and your application. Enabling port forwarding is different for all routers, but you can normally access the routersettings by navigating to 192.168.0.1 or 192.168.0.0 on your computer.
Doing so allows a connection directly from your Pi to the outworld internet.
You should also take into account that your public IP is prone to change. That's because Internet Providers typically use dynamic IP addresses rather than static IP addresses. Some do provide them when specifically asking for one, often you have to pay a small monthly fee. You should therefore include a script where your raspberry pi updates you about any public IP changes, or use a DDNS service provider.
what I have:
I made a simple web application using Flask, which woks great on the localhost.
what I want to achieve:
I want to deploy it so it is visible in the internet.
Because Flask says that the production server should not be used for deployment I installed gunicorn.
I managed to get it working on localhost (running gunicorn server:app).
Then I tried to make it public using the -b 0.0.0.0:5000 option. it said it is running on 192.168....:5000 Now I could access the website using that ip address from my computer and also from my phone connected to the same wifi. however I was unable to connect to the website when I didn't use this wifi.
when I searched about this, I found out that the 192.168.... ip address range is reserved to the local network and cannot be accessed from anywhere else.
how do I need to run the script so it is accessible from everywhere? Do I need to modify the firewall settings? Maybe there is a better way to deploy such an app on the local machine using a different framework?
Just some additional information:
python version: 3.9
I am using a venv (and installed flask and gunicorn into it)
os: macos 11.6.1 (I could run it on an Ubuntu machine if that is easier)
This question isn't anything related with Python or Gunicorn but to networking (so maybe StackOverflow isn't the correct place to ask but other community like ServerFault)
Currently your application is already exposed on your machine in the defined port, so next step would be to forward all the traffic that comes to your router to there.
In order to do that, you will have to configure the firewall of your router to accept incoming traffic through a desired port and finally forward the traffic which comes from that port to your machine in the port 5000.
Also, in the case that you have everything already configured, it will only work if your ISP is providing you a single IPv4, what currently doesn't happen anymore but you actually are sharing that with few more people. Other option would be that you configure IPv6 incoming traffic.
As you can see, this isn't a simple task neither one that should be done without proper care, since you would be literally opening your network to possible attackers.
So, in order to simplify it at the most for you, since you already have Gunicorn, I would recommend you to use any of the resources exposed by other users as Heroku or Netlify which are free for a single application and will fulfill your expectations without requiring high amount of networking knowledge.
You would need to do the following steps:
read up and learn a lot about security for Web servers, then read some more, it is fraught with risks
find your Mac's IP address on your local network and make sure it is fixed, i.e. set as static on your Mac (under "System Preferences->Network") or reserved in your router's DHCP tables (by putting your Mac's MAC address in its allocation tables) so that it always gets the same local address on your internal network when it boots
log into your router and set up "Port Forwarding" to forward external requests (coming from the Internet) for port 5000 (or some other port) to your Mac's fixed IP address and the port 5000 where Gunicorn is serving
log into your router and find your WAN IP address, or go to http://whatsmyip.com to get the address you need to put in your browser, or your friends need to put in their browsers to see your shiny new website
as it stands, this will work until the next time your router reboots when your ISP will likely allocate it a new IP address. If you want it permanent, you need to either 1) ask your ISP for a static IP address, or 2) subscribe a DDNS service (e.g. noip.com or dyndns.com) or 3) tell your friends your new IP address every time you reboot your router
I do not know anything about gunicorn. But what I used to use when needing to deploy a flask app was pythonanywhere. They have a great and totally free hosting service. It's really fast in deploying, needs no resources from your computer and is just great. Also you would have to forward the port 5000 for your computer to enable other devices not in the same network to access your computer/flask app. That comes with security issues. However, you do not need any of that when using pythonanywhere.
There are also other great hosting services like that one. It's just the only one I know and used yet but you'll find others for sure if you don't like that one.
I'm using Python 3.8.5 currently on windows, but the script should run also on linux and on macOS.
I'm creating UDP server and a client and have establish communication between them via multicast.
The client does not know from advanced the IP of the server so it is a "discovery tool" that will let me know information about the server ones it has received the data. -This is working-
On the server I'm using netifaces to get information about the interfaces.
The server sends information to the client such as IP address, mask, gateway. -information that I get from netifaces and is working-.
Example of data I get:
Now to the issue:
The python server can have a static IP or can be connected to a DHCP server -in case that is connected to a DHCP server I will not have access to the DHCP server-.
I wish to know when the DHCP is enabled or disable on the python server so I can send this as a flag to the client together with the rest of the information.
The idea is for the client to know that the IP that he's connecting to can change and he may lose connection and will need to start the discovery tool once more.
Because the user will not know in advanced if the python server is connected to a DHCP server or wil know the IP address of the python server or have access to the python server command line or configuration, using ip addr show, ipconfig, ifconfig and other commands before connecting is not an option.
I have seen that people use scrapy for DHCP communications but it seems that it does not solves what I wish to accomplish.
I do no need to configure the DHCP, just detect if my python server IP is static or dynamic.
I have search for over 4 days and have not found a possible solution.
I'm not asking to have the solution in silver spoon just to be pointed on the right direction.
**EDIT: I forgot to mention that the python server will be running on Ubuntu 16.04 and 20.04.
This will depend on your operating system setup. For example, here's a related question on how to detect whether DHCP is enabled in Ubuntu.
I'm new to coding in Python and what motivates me to start coding is the idea of writing a piece of software that will connect to a proxy server via SSH and then once connected will route all network traffic of the system trough it, seamlessly to the user.
I am actually using the paramiko module to connect to the server and it works fine, but now I would like to know if there is some way to make the system change its socks proxy configuration so I can route the traffic to the proxy, on a way the user doesn't need to do anything. Is there any existing module that will help on this task ?
Thank you.
You can see the existing project sshuttle, it transfers all traffic over ssh.
There have been a few questions like this around the place but none have really answered my question specifically.(for example Connecting to device behind firewall )
What I want is a central server, that receives a heartbeat from multiple ( say 100's) embedded devices behind personal firewalls. These devices need to be able to do two things.
Grab new config from the server. I
suspect I can just do this via a
http get from the device to the
server and pull down some XML, then
reload its own config.
Open an ssh connection to the server
to allow an admin to login to the
command line of the device and do
maintenance and troubleshooting
remotely.ie device => server <= admin and admin can get to bash command line or equivalent.
the device is a low powered embedded device that will be running linux. A solution in python would be preferable (im thinking something with paramiko for the ssh) but im open to other solutions. The main thing is there is there will be no technical users in the private network, so it should be able to plug into a consumer grade ADSL modem, get a DHCP address and all this should work. I can preload the device with anything before hand, for example ssh certificates for passwordless ssh etc.
anybody got any idea's?
Cheers
Mark
You can setup ssh tunnel (from python script or from console):
ssh -NR10022:localhost:22 foo#mainserver.com
Then you can simply login to main server and then ssh bar#localhost -p 10022
You should have ssh keys, so you don't have to put password (google about "ssh without password").
A more elaborate method might be some type of firewall hole punching.
On second though, maybe this is not necessary, since there is only one firewall involved. The trick is to get your embedded device to initiate an outbound connection first.