Listens only on localhost

oatpp / oatpp-libressl

oatpp secure ConnectionProvider based on libressl

https://oatpp.io/

Apache License 2.0

4 stars 9 forks source link

Listens only on localhost #11

Closed nicraMarcin closed 4 years ago

nicraMarcin commented 4 years ago

Hello, How to set to listen to on all interfaces?

    OATPP_CREATE_COMPONENT(std::shared_ptr<oatpp::network::ServerConnectionProvider>, serverConnectionProvider)([] {

        OATPP_LOGD("oatpp::libressl::Config", "pem='%s'", CERT_PEM_PATH);
        OATPP_LOGD("oatpp::libressl::Config", "crt='%s'", CERT_CRT_PATH);
        auto config = oatpp::libressl::Config::createDefaultServerConfigShared(CERT_CRT_PATH, CERT_PEM_PATH /* private key */);
        OATPP_COMPONENT(oatpp::Object<Config>, cfg);

        return oatpp::libressl::server::ConnectionProvider::createShared(config, cfg->server->port);
    }());

$ netstat -ntap | grep 8888
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 127.0.0.1:8888          0.0.0.0:*               LISTEN      275042/nmsapi

lganzzzo commented 4 years ago

Hey @nicraMarcin ,

Use 0.0.0.0 for ipv4, or :: for ipv6. Hint - pull the latest oatpp sources from master.

OATPP_CREATE_COMPONENT(std::shared_ptr<oatpp::network::ServerConnectionProvider>, serverConnectionProvider)([] {

  OATPP_LOGD("oatpp::libressl::Config", "pem='%s'", CERT_PEM_PATH);
  OATPP_LOGD("oatpp::libressl::Config", "crt='%s'", CERT_CRT_PATH);
  auto config = oatpp::libressl::Config::createDefaultServerConfigShared(CERT_CRT_PATH, CERT_PEM_PATH /* private key */);
  OATPP_COMPONENT(oatpp::Object<Config>, cfg);

  auto streamProvider = oatpp::network::server::SimpleTCPConnectionProvider::createShared("0.0.0.0" /* host */, cfg->server->port);

  return oatpp::libressl::server::ConnectionProvider::createShared(config, streamProvider);

}())

nicraMarcin commented 4 years ago

@lganzzzo thaks, Yes I have the newest sources.

Is it possible to listen ipv4 and ipv6 simultaneously?

If I set ipv6 it listens only ip6 and vice versa.

$ netstat -ntap | grep 8888
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp6       0      0 :::8888                 :::*                    LISTEN      283492/nmsapi

bamkrs commented 4 years ago

In linux you are most likely to listen to IPv4 too if you are listening on ::, even if this is IPv6. This is called dual-stack mode and its normally on in linux. However, it can be disabled by setting net.ipv6.bindv6only in sysctl.

Have you tried to connect to 8888 via an IPv4 address? Theoretically, it should work. The IPv4 request will be accepted on IPv6 listeners because 192.168.1.1 will just be rerouted to ::FFFF:192.168.1.1 :)

nicraMarcin commented 4 years ago

@bamkrs yes, you are right. I was confused that netstat shows only ip4.

Thanks for help

nicraMarcin commented 4 years ago

@lganzzzo I thik it could be fine to add this

 auto streamProvider = oatpp::network::server::SimpleTCPConnectionProvider::createShared("0.0.0.0" /* host */, cfg->server->port);

into documentation.

lganzzzo commented 4 years ago

Agree