First of all, sorry for my bad English : )
My Java application (multiplayer game server) uses this package to communicate with a web application in client's browser using websockets: https://github.com/TooTallNate/Java-WebSocket
I've encountered a problem running my application: only I can connect to the websocket server, clients on other hosts can't do so. In browser I estabilish connection as usual, address here is certainly correct:
new WebSocket("ws://"+serverIp+":8787");
When I connect from my own host to the websocket server running on the same host, it runs perfectly. When other hosts try to connect to me, connection in not being estabilished: in browser WebSocket objects's .readyState is 0 (whilst it should be 1), and even server does not recieve any handshakes (no output from onClientOpen in server console, I even tried to get any output from certain WebSocketServer class' methods).
Other hosts are still recieving, for example, static contents of web application from webserver on 80 port on the same host. Problem is not the closed 8787 port: I checked it, it's open.
What may be the reason that other host can't connect to my websocket server?
WebSockets uses a cross-origin permission system. You might need to tell you WebSocket server to accept connections from more than just your local host. The verification of Origin happens during the WebSocket handshake which likely happens prior to onclientOpen.
Related
I'm trying to make GET/POST requests from one Jelastic environment to another. Both are running Node/Express. I tried with env name (which works from my local machine) and internal IP address, but I always get a connection refused error:
FetchError: request to https://10.101.19.55/converter failed,
reason: connect ECONNREFUSED 10.101.19.55:443
Any hint on how to solve this is greatly appreciated.
You don't mention how your application is deployed (on what node type), but most likely it isn't listening on port 443; that only works remotely (if it does) because of proxying by the Shared Load Balancer of the Jelastic platform.
If you want to connect internally (between Jelastic nodes within the same platform), your requests do not pass via the Shared Load Balancer so cannot take advantage of that proxying.
In other words, you need to:
connect directly to the port you application actually runs on, such as https://10.101.19.55:5000/converter (if your application is running/listening on port 5000)
ensure that your firewall rules permit access from where you're connecting from
I have a web app running on a Amazon EC2 Instance on port 8080, the webapp while starting, starts a Socket io server listening on port 9092.
in the client file connecting to the Socket io server i have this:
io.connect('http://<IPADDRESS>:9092');
Unfortunately, this request is getting blocked as shown :
I thought the problem was about inbound rules of my EC2 instance, i therefore allowed traffic for the purpose as shown:
But the requests are still blocked...
NOTE: When my app is hosted locally, everything works fine.
So why is amazon behaving this way and what am i supposed to do to come across this issue?
UPDATE:
netstat -a -n | grep 9092 outputs this on instance:
Also have a look on what firefox shows me about a request attempt timings:
It turns that i was binding my server to the localhost address, as if it were accessed from the localhost.
Thanks to #robertklep comment, i did bound the server to the ec2 instance address and it's working now.
The easiest way to establish a socket connection with your server from outside of EC2 is to listen to all the incoming traffic:
server.listen(3000, '0.0.0.0');
This is only recommended for testing and development environment. Do not use this for production.
I have a web page to control a thermostat on a raspberry pi, and I'm running into difficulties when trying to get websockets to work from a remote client. It seems to work fine when on LAN however. I'm obviously missing something (and likely something basic), but I can't seem to figure out what it is.
The pi's local ip is 192.168.1.134. The web page (served from apache server) has the URL http://192.168.1.134:8010/thermostat.html. The page starts up some javascript, which then tries to connect to the pi's main program using websockets via ws://192.168.1.134:9000. (the server on the pi is running libwebsockets). The websocket comes up, and it seems to work fine. I then tried to connect via a remote client (a cell phone, where wifi was turned off) from http:\\23.239.99.99:8010\thermostat.html. The html/js files load fine, but the web socket attempts to connect to uri ws:\\23.239.99.99:9000, and this fials.
As far as I can tell, the NAT seems to be configured properly:
name ext ext protocol int int ip addr interface
port port port port
start end start end
Thermostat3 8010 8010 TCP 8010 8010 192.168.1.134 eth3.1
Thermostat5 8000 8000 TCP/UDP 80 80 192.168.1.134 eth3.1
Thermostat_ws 9000 9000 TCP/UDP 9000 9000 192.168.1.134 eth3.1
I checked, and the router does not have any firewalls set up, neither does my modem. I didn't install a firewall on the pi (I checked, and there's no odd iptables rule). Does anyone know what I'm missing?
--- EDIT ---
I'm still stuck on this. I called my ISP and they assure me there are no firewalls on their servers. Is there any way to tell if port 9000 is being blocked, and by who?
Bind your apache server to 0.0.0.0 address to make it accessible from remote machines
Try this tool to determine if the port is inaccessible (use the custom port): http://www.whatsmyip.org/port-scanner/
Everything else looks fine. As a sanity check I would try putting the ws port to 8010 to see if that works. I would also recommend using a tool like Advanced Web Client to isolate networking issues.
This is interesting. I once had a similar problem. I set up a WebSocket (I was using a nodejs ws) and once I tried to access it from remote client I was not able to reach it with ws://yourip:port but instead I had to use http://yourip:port. I don't know if you have the same problem, mine was due to a proxy I was using.
I still have an advice for you how you might be able to solve your problem. I don't know how concerned you are about security but as far as I understood your idea you basically connect to your raspberry pi through a WebSocket and tell it to change the temperature.
Back when did a similar project I found it rather hard to secure my WebSocket connection. I was basically sending a password plus command through the WebSocket to my server which then checks wether the password is correct. Otherwise everyone on the internet could heat your house. Not cool...
But therefore, I had to tunnel the connection through https to prevent a middleware attack.
I quickly threw the towel and decided to go with a completely different solution. Basically I set up a nodejs express server (can easily be configured with a self signed certificate to use https or used behind a nginx/apache https server) and authenticated with username and password. When someone made a POST request to /api/thermostats?id=0 with a temperature request, the server checks if the user is authenticated and then executes a terminal command from within node.
Maybe this idea also fits your demands.
I'm using windows 2008 R2 with IIS 7.5 (default config) trying to configure my firewall to block all outgoing connections, to prevent malicious attacks from "phoning home".
What outgoing rules do I need to create to enable the web application to connect to SQL Server default instance? The SQL server is under my control and it's running port 1433 for sure.
The webserver works fine. But the connect to DB step fails.
When I ping the sql server 2012 from the web server, I get the following:
Pinging xxx.0.0.xxx with 32 bytes of data:
General failure.
General failure.
General failure.
General failure.
I have already tried the following:
Created an outbound rule for port 1433 for w3wp.exe for port 1433
Created an outbound rule for WWWPublishing service for port 1433
When the above failed, I created an outbound rule for ALL programs
and applications for 1433, still no go.
When all failed. I tried to enable ALL the included rules in the
list, still didn't help
Tried connection string with data source=xxx.0.0.xxx and data
source=xxx.0.0.xxx,1433 both worked with outbound allowed, and both faild when outbound is blocked.
Created a new rule to enable RPC, so I created a rule for all TCP
traffic for services.exe
The only way to get it to connect, is to change the default behavior for the firewall to Allow outgoing traffic.
Just to reiterate, the only connection that is failing is web-server-> sql server.
Internet to Web server is fine.
Which port/program am I missing?
1433 is the port your remote machine listens to not the outgoing port of the clients.
Outgoing ports are dynamically assigned by the OS.
Go on a process basis.
An outbound rule All Ports of w3wp to 1433 works.
I'm running a websocket server (command line program) off port 9000 on a Windows 2008 server. I can't seem to figure out why it will not accept more than about 600 concurrent connections. Testing on my local machine, I can create thousands of concurrent connections. But on the server, I get the following error after about 600:
No connection could be made because the target machine actively refused it
I have tried adjusting registry entries for the max port number, and turning off the firewall to no avail. I have also tried a different websocket server implementation. Is there some other setting I need to change?
edit: I tried this on a Linux server as well with the same problem.
I found the problem:
It seems to be my client side internet connection. By running the same tests on a different network from the client side, I can create thousands of connections.