My server has 3 ip addresses, 127.0.0.1, 192.168.0.100 and an internet ip address. I'm going to run a service written by python on this server, but I don't want it to expose on internet. I'm using BaseHTTPRequestHandler class to implement this service, so how to bind only 127.0.0.1 and 192.168.0.100 but not the other one?
Asked
Active
Viewed 954 times
2 Answers
0
Generally, routers have an option where you can allow servers to be visible or not visible. If on the router you set you server to not be visible, then your server will not be accessible through the internet.
Nick Johnson
- 157
- 12
-
Thanks but not an option because there's other services on this server. – hago Oct 24 '13 at 05:15
0
I think you have two choices.
1) Listen to all interfaces, but override BaseHTTPRequestHandler.init to check the client address and drop the connection if it comes from an undesired interface
2) Create multiple sockets, one per address you want to listen on. SocketServer.serve_forever() is blocking, so you will either need to use one thread per address or switch to a more sophisticated framework like twisted.
Evan
- 2,217
- 15
- 18
-
Thanks, I prefer solution 1 because the second one will add lots of codes. Is there no way I can just specified 2 ips in binding address tuple? – hago Oct 24 '13 at 05:19
-
Not as far as I can tell. A low level socket can only bind to a single address (but possibly ADDR_ANY). If you are working with sockets directly it is fairly easy to listen to multiple sockets at once, but this does not seem to be implemented in the very simple SocketServer class. One more thing: binding to the wildcard address allows your server to keep running if an interface goes down and back up (say due to a cable being unplugged). If you bind to a specific address you will need to re-listen manually. – Evan Oct 24 '13 at 19:37