i am still a novice in these areas so here is my question:
I want to see the dns request sent out by my browser (say chrome).so i set up a udp server in python with host='' and port=21567(can be anything other than the previlaged and reserved ones).i set my server to listen for connections using the udp.recvfrom(1024)
and set the proxy in my browser to localhost and respective port number so my browser should send the request to my server when i type in a url right??? is that right???
if it is then my server is not detecting a connection if it is wrong then please tell me the actual mechanism in technical details
Thanks in advance
Setting up a proxy in your browser tells it where to make TCP connections; it doesn't have anything to do with how it queries DNS, which is determined by your operating system's resolver.
For Linux you'd just shut down bind, e.g. Debian /etc/init.d/bind9 stop; then your Python script would catch the traffic on port 53. And make sure nameserver 127.0.0.1 is at the top of /etc/resolv.conf.
For Windows you'll need to set your DNS to the localhost (127.0.0.1), somewhere in the network settings.
Related
I'm creating an extremely simple Vega visualization viewer: it's a one file module that serves a base HTML page containing just the Vega graphic and an HTML5 EventSource of updates. The user (me) is working in a Python shell through ssh, creates an object representing the viewer, which prints its IP and port for the user to paste into their (my) web browser. This HTTP server doesn't serve files or take input from clients, so I don't see any security concerns.
The part I'm unsure of is how to set (host, port) such that my web browser can find the HTTP server running in the remote Python. I've been experimenting all afternoon, and I don't know if I'm misunderstanding what's supposed to happen or if the servers I use have changed their access policies.
Here's a minimal example:
import SimpleHTTPServer
import SocketServer
Handler = SimpleHTTPServer.SimpleHTTPRequestHandler
httpd = SocketServer.TCPServer((host, port), Handler)
print(httpd.server_address)
httpd.serve_forever()
If I'm running this locally and want to ensure that outside viewers cannot access it, do I set host to "127.0.0.1" because that means a client would have to access it as 127.0.0.1, which can only happen locally? In this case, port can be 0 to get any open port.
If I'm running this remotely want to to ensure that outside viewers can access it, do I set host to "" or "0.0.0.0" because that means that a client can access it as any address that makes its way to the server? In this case, I might not be able to set port to 0 because many of those ports might be blocked, or is the OS smarter about this?
Basically, how is access control in Python's SocketServer supposed to work?
This is basic TCP. Nothing to do with Python.
If you listen at 127.0.0.1, only clients running in the same host can connect.
If you listen at 0.0.0.0, anybody can connect, firewalls permitting.
Why is my python script behaving this way?
I give it the instruction to connect via port 7777 but instead it is going over 45604.
I am NOT using socket.bind((socket.gethostname(),port))
Instead I work either with socket.bind(("0.0.0.0",port))
or with socket.bind(("127.0.0.1",port))
so I'm working local here. Why does my computer reroute the ports?
There should be no need for that, shouldn't it? Can I somehow disable it locally?
I am answering in the absence of any of your actual code.. So I have to make assumptions here:
1) You have server (right side in picture) listening on port 7777.
2) You are running a client on the same machine (left side of picture) that is connecting to the server.
So, the client (on the left shell) is connecting to the server (right shell window). The server is listening on 7777 and the client is connecting to the server from 45604 (client and server cannot occupy the same port on the same machine!)
Put another way, the client is "sending" to port 7777 from port 45604. Maybe that makes better sense?
A TCP connection is defined by 4 numbers: source IP address, source port, destination IP address, destination port.
The connection goes from 127.0.0.1 port 45604 to 127.0.0.1 port 7777.
The source port (45604) is a value chosen by the system from a wide range of unused ports (it is called an ephemeral port), because your program did not set a specific source port.
I have a simple Apache+Flask website running inside a basic Vagrant+VirtualBox environment. I can access my site fine at 127.0.0.1:8080.
The question & problem is, how do I configure Vagrant to pass the real clients IP address to Apache+Flask?
request.remote_addr always returns 10.0.2.2 no matter what client is connecting from within my LAN.
For example the machine running Vagrants IP is 192.168.1.5. From a client i.e. another laptop on my LAN with IP of 192.168.1.7, would hit the site # 192.168.1.5:8080, but 192.168.1.7 is not the remote_addr in vagrant/flask+apache, its always 10.0.2.2
Thanks!
The most easy way to do that would be a bridged network. The VM will receive an IP address in your (outside) network, e.g. 192.168.1.10.
See https://docs.vagrantup.com/v2/networking/public_network.html on how to configure that.
I have a server running by using python's base http server. The host name used is '127.0.0.1' the local host, and the port number is set to 8000. I have the public ip address of the computer operating this server.
If I wanted to send a http get request to this from another computer, what would I type into my browser?
Sounds like you've got your server process running on the wrong interface. 127.0.0.1 is not a hostname but an IP address, specifically the local loopback address. It is not reachable from any other machine (unless something's gone tragically wrong with your network configuration).
You can run anything you like on the 127.0.0.1 interface, and no one else can directly connect to it from a remote machine. That's pretty much the point --- it's for testing programs that use the Internet Protocol, and (in recent years) for starting single-user servers without worrying about security. (Python 2's SimpleHTTPServer does this, as do some personal wikis, and I think iPython Notebook.)
The public address for the host running your Web server is a completely unrelated network interface, with its own hardware and its own port 8000. It doesn't know or care that you've got something listening on some other interface's port 8000, so it should refuse attempts to connect to that port.
Since you didn't post any code, I have no idea what you need to change to get your server running on the correct interface. Assuming you've more or less followed the example in the BaseHTTPServer.HTTPServer docs:
def run(
server_class=BaseHTTPServer.HTTPServer,
handler_class=BaseHTTPServer.BaseHTTPRequestHandler,
):
server_address = ('', 8000) # <----= Replace the string.
httpd = server_class(server_address, handler_class)
httpd.serve_forever()
That server_address tuple is a string containing the IP address ('1.2.101.202' or whatever), followed by an integer port number. So replace the string with your host machine's public-facing IP address.
Note that port 8000 is outside the reserved range (0 up to but not including 1024), so it's possible that some unrelated service is already using that port. (Numerous applications are already squatting port 8000.) If so, you'll just have to choose another port number. You can chose anything from 1024 up to but not including 65536, but as with 8000, someone else might already be using it.
Depending on your operating system and its security setup, you might not have permission to open a socket that listens on an arbitrary port number. If so, that's between you and your ISP or sysadmin.
http://yourip:port/func
yourip is your public ip.
port is 8080
func is your registered function.
and also make sure you port is opened
I am using Python SocketServer to implement a socket server.
How can I find out if client used example.com to connect to me, or used x.x.x.x?
Actually, I need something like virtual hosts in Apache.
Googling didn't come up with any notable result.
Thanks
virtual hosts in Apache works because it is specified in the HTTP RFC to send the host header. Unless your client similarly sends the name it used to connect, there is really no way to find this out. DNS lookup happens separately and resolves a host name to an IP. The IP is then used to connect. – Kinjal Dixit