FTS datapackage server fails to start with hostname / non-local IP in DataServerIP

FreeTAKTeam / FreeTakServer

Situational Awareness Server compatible with TAK clients

Eclipse Public License 2.0

649 stars 166 forks source link

FTS datapackage server fails to start with hostname / non-local IP in DataServerIP #102

Closed rlex closed 3 years ago

rlex commented 3 years ago

From discord

lex: if i launch it with 0.0.0.0 / 127.0.0.1 it outputs: [7:01 PM] lex:

mkdir: created directory '/data/logs'
Setting Server Message: Server Connection Message
start 213
starting now

[7:01 PM] lex: if i launch with anything else it will be [7:02 PM] lex:

mkdir: created directory '/data/logs'
Setting Server Message: Server Connection Message
start 213
starting now
0.0.0.0
8080

And app on port 8080 will not start, causing any datapackages sent to fail.

It seems DataPackageIP is also used to specify listen interface now? (this wasn't present before, btw) and fails to start in case it finds non-local IP or anything non-IP (ie i used domain name)

Also previous ticket on this: https://github.com/FreeTAKTeam/FreeTakServer/issues/66

rlex commented 3 years ago

Maybe introduce new variable and arg, ie DataPackageHost and use it instead of IP in this places:

https://github.com/FreeTAKTeam/FreeTakServer/blob/0c808f746e12cfc9d337801d289338b733cfa8c3/FreeTAKServer/controllers/DataPackageServer.py#L156

https://github.com/FreeTAKTeam/FreeTakServer/blob/0c808f746e12cfc9d337801d289338b733cfa8c3/FreeTAKServer/controllers/DataPackageServer.py#L208

Should help?

naman108 commented 3 years ago

I'll turn that into a pull request and include in the next release candidate thanks for addressing the issue.

Securitybits-io commented 3 years ago

I was just about to create a issue about this one, after 3 days of debugging! I would also like to add that this feature would need to be tested in regards to the -SSLDataPackageIP Flag! So that Client to Client DPs can be served and sent over SSL

The use case is that FTS is running behind a Public FW, with direct Port NAT for the SSL ports, in which it can bind the local interfaces, which would work if using a ZeroTier network, or any other VPN with local interface routes.

reldred commented 3 years ago

Yeap. Can confirm on my end that on previous releases I could use the internal IP address as the -DataPackageIP and just let iptables on the LXD container host handle NAT'ing to that internal IP, this now doesn't work after I did the recent update for SSL (albeit, SSL is still unconfigured at this time) and I can't bind to the external IP or domain name either. I can list datapackages (In WinTAK at least, haven't tested ATAK) on the server but can't download them or upload them.

brothercorvo commented 3 years ago

we have adressed this in the current RC of 1.5 that is under testing

brothercorvo commented 3 years ago

we have addressed this in the current RC of 1.5 that is under testing

brothercorvo commented 3 years ago

we believe 1.5 has fixed this. closing