Limit Zope only from Pound
Hello, I have installed pound and zope in different machines. Pound is a IP: 192.168.1.1 and Zope is in IP: 192.168.1.5:8080. Pound balances to Zope, correctly. Although, I want than Zope does not visible from external, that is to say, Zope is only accessible from Pound (and not with http://192.168.1.5:8080 manually) . I have tried con "ip-address", but it does not run. Anybody do knows how do it ? Thanks !
--On 8. September 2007 09:32:18 +0200 Juan Javier Carrera Obrero <jcarrera@uco.es> wrote:
Hello, I have installed pound and zope in different machines. Pound is a IP: 192.168.1.1 and Zope is in IP: 192.168.1.5:8080. Pound balances to Zope, correctly.
Although, I want than Zope does not visible from external, that is to say, Zope is only accessible from Pound (and not with http://192.168.1.5:8080 manually) . I have tried con "ip-address", but it does not run.
"it does not run" means what? I doubt that the ip-address directive does _not work_. What is your evidence that it does not work? -aj
Well, I thinked that the ip-address directive allows to limit the external access, but it only allows limit the access to listen in the self machine where zope is installed. Does exists any way that allow to limit the access to the Zope's machine ? For example, I want that Zope is visible from a certain IP, while the IP's rest can not to access to Zope. For example: I have Zope listen in: 192.168.1.5:8080, and I only want to be visible from the IP 192.168.1.1 and that any other IP Zope does not listen it. It is possible ? Andreas Jung escribió:
--On 8. September 2007 09:32:18 +0200 Juan Javier Carrera Obrero <jcarrera@uco.es> wrote:
Hello, I have installed pound and zope in different machines. Pound is a IP: 192.168.1.1 and Zope is in IP: 192.168.1.5:8080. Pound balances to Zope, correctly.
Although, I want than Zope does not visible from external, that is to say, Zope is only accessible from Pound (and not with http://192.168.1.5:8080 manually) . I have tried con "ip-address", but it does not run.
"it does not run" means what? I doubt that the ip-address directive does _not work_. What is your evidence that it does not work?
-aj
--On 8. September 2007 11:07:07 +0200 Juan Javier Carrera Obrero <jcarrera@uco.es> wrote:
Well, I thinked that the ip-address directive allows to limit the external access, but it only allows limit the access to listen in the self machine where zope is installed.
Does exists any way that allow to limit the access to the Zope's machine ? For example, I want that Zope is visible from a certain IP, while the IP's rest can not to access to Zope.
Use a firewall. -aj
Andreas advice about using a firewall is probably the right advice. Basically, since it's an internal IP it's not accessible from the outside. What you do is that you only expose the Pound server to the internet and then no one will ever be able to reach the zope directly unless they're inside the network which is only going to be your colleagues anyway. Juan Javier Carrera Obrero wrote:
Hello, I have installed pound and zope in different machines. Pound is a IP: 192.168.1.1 and Zope is in IP: 192.168.1.5:8080. Pound balances to Zope, correctly.
Although, I want than Zope does not visible from external, that is to say, Zope is only accessible from Pound (and not with http://192.168.1.5:8080 manually) . I have tried con "ip-address", but it does not run.
Anybody do knows how do it ?
Thanks ! _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
-- Peter Bengtsson, work www.fry-it.com home www.peterbe.com hobby www.issuetrackerproduct.com
participants (3)
-
Andreas Jung -
Juan Javier Carrera Obrero -
Peter Bengtsson