Have installed the API manager 1.4.0 on a single machine and got everything running. However have found the IP address shown within the management console and store sites are incorrect. For instance in the mgnt console home page the 'Host' and 'Server URL', also on an api's page in the store (both the URLs provides in the overview and the ip used in the 'try it' feature).
Looking into this it seems my network adapter is supplying a privately accessible ip, instead of public (this cannot be changed). This value is then propagated around the API manager on startup between components but also to provide links to access the services externally.
Have looked into the configuration and changed some values, however cannot get all IP's in the UI to display correct. Settings I've changed include..
repository\conf\carbon.xml HostName, MgtHostName, ServerURL
repository\conf\api-manager.xml APIGateway-->APIEndpointURL (also updated APIKeyManager-->ThriftServerHost)
Is there any way to solve this? In particular, is there a way to set an IP that will be published for external access without changing any configuration used for communications within the host?
Instead of an IP address, I would use a domain name, and add it first to your hosts file like:
192.168.1.2 apimanager.example.net
Then edit some carbon.xml parameters to look like:
<HostName>apimanager.example.net</HostName>
<MgtHostName>apimanager.example.net</MgtHostName>
<ServerURL>https://apimanager.example.net:${carbon.management.port}${carbon.context}/services/</ServerURL>
Related
I have created fusionpbx instance using aws. Able to do internal calls between two extensions created. Now i would like to make external call to VOIP server when a particular extension is dialed. To do this i understand that we need to create a sip trunk between two machines i.e fusionpbx server and Voip server.
As of now i created a gateway without using username and password and added external Voip server ip address in CIDR block. But still cant start the gateway and it just refreshes page. No host name is given while configuring.
I have referred many documents available over internet but couldn't find any proper reference. Appreciate if anyone can help me here.
Finally figured this out, i am posting here so that it may help for someone facing same issue.
By changing config key Profile value from external to internal resolved this issue for me.
Key points here to note while configuring gateway is, keep Register to false and if it kept false then don't give any username and password, leave those fields blank. Configure proxy address as shown in below reference and don't forget to add and allow access control (CIDR is your voip server address) under advanced settings of fusionpbx.
Here is the screenshot of gateway configuration for reference.
Were trying to serve people from multiple countries the right language on our Website. We have added GeoIP in Laravel and also the maxmind package.
Whatever we try we get everytime issues as Error 500:
The IP address '10.2.1.211' is a reserved IP address
We first tried to make in apache a redirect X_FORWARDED_FOR but it isn't working still.
Can someone assist us and tell us exactly how to solve it?
Our Envoirements:
AWS: Cloundfront, ELB, Ec2, Laravel 5.5, Maxmind (for GeoIP)
It would appear that you can configure Cloudfront to provide an http header CloudFront-Viewer-Country which will contain the ISO country code for your visitor. This will be faster and simpler to use than Maxmind.
e.g. $visitorCountryCode = isset($_SERVER['CloudFront-Viewer-Country']) ? $_SERVER['CloudFront-Viewer-Country'] : '';
Is your error 500 is during testing only? If testing with devices directly connected to your site/intranet then try accessing via a browser connected through an Internet Service provider instead (a "direct" or intranet connection could well have a "reserved" IP address).
You should be able to get the public IP address of traffics from X_FORWARDED_FOR variable.
https://aws.amazon.com/premiumsupport/knowledge-center/log-client-ip-load-balancer-apache/
You should print out the variable from Apache and see if you could receive the value correctly. Anything with 10.x is a private address.
I have two instances of Odoo in a server in the cloud. If I make the following steps I get "Internal Server Error":
I make login in the first instance (http://111.222.33.44:3333)
I close the session
I load the address of the second instance in the same browser (http://111.222.33.44:4444)
If I want to work in the second instance (in another port), I need to remove the browser cookies first to acces to the other Odoo instance. If do this everything works fine.
If I load them in differents browsers (Firefox and Chromium) at the same time, they work well as well.
It's not a NginX issue because I tried with and without it.
Is there a way to solve this permanently? Is this the expected behaviour?
If you have access to the sourcecode you can change this file like shown below and check if the issue is solved or not.
addons/web/controllers/main.py
if db != request.session.db:
request.session.logout()
request.session.db = db
abort_and_redirect(request.httprequest.url)
And delete --> request.session.db = db
which is below this IF statement.
Try following changes in:
openerp/addons/base/ir/ir_http.py
In method _handle_exception somewhere around line 140 you will find this piece of code:
attach = self._serve_attachment()
if attach:
return attach
Replace it with:
if isinstance(exception, werkzeug.exceptions.HTTPException) and exception.code == 404:
attach = self._serve_attachment()
if attach:
return attach
You can perfectly well serve all the databases with a single OpenERP server on your machine. Unfortunately you did not mention what error you were seeing and what you expected as a result - makes it a bit harder to help you ;-)
Anyway, here are some random ideas based on the information you provided:
If you have a problem with OpenERP not listening on all interfaces, try to specify 0.0.0.0 as the xmlrpc_interface in the configuration file, this should have OpenERP listen on 8069 on all IPs.
Note that Apache is not relevant if you're connecting to e.g. http://www.sample.com:8069/?db=openerp because you're directly connecting to OpenERP. If you want to go through Apache, you need to setup ReverseProxy rules in your vhost configs, and OpenERP does not need to listen to all public IPs then.
OpenERP 6.1 and later can autodetect the database name based on the virtual host name, and filter the name of the available databases: you need to start it with the --db-filter parameter, which represents a pattern used to filter the list of available databases. %h represents the domain name and %d is the first domain component of that domain. So for example with --db-filter=^%d$ I will only see the test database if I end up on the server using http://test.example.com:8069. If there's only one database match, the list is not displayed and the user will directly end up on the right database. This works even behind Apache reverse proxies if you make sure that OpenERP see the external hostname, i.e. by setting a X-Forwarded-Host header in your Apache proxy config and enabling the --proxy mode of OpenERP.
The port reuse problem comes because you are trying to start multiple OpenERP servers on the same interface/port combination. This is simply not possible unless you are careful to start just one server per IP with the IP set in the xmlrpc_interface parameter, and I don't think you need that. The named-based virtual hosts that Apache supports are all handled by a single master process that listens on port 80 on all the interfaces. If you want to do the same with OpenERP you only need to start one OpenERP server for all your domains, and make it listen on 0.0.0.0, port 8069, as I explained above.
On top of that it's not clear what you would have set differently in the various config files. Running 40 different OpenERP servers on the same machine with identical code sounds like a lot of overkill. OpenERP is designed to be multi-tenant so that many (read: hundreds) of databases can be served from the same server.
Finally I think this is the expected behaviour. The cookies of all websites are stored specifically for each website (for each domain) in the web browser. So if I only change the port the cookies of the first instance are in conflict with the cookies of the other instance because the have the same domain (111.222.33.44 in my example).
So there are some workarounds:
Change Domain Locally
Creating a couple of domain name in my laptop in /etc/hosts:
111.222.33.44 cloud01
111.222.33.44 cloud02
Then the cookies don't interfere with each other anymore. To access to each instance
http://cloud01:3333
http://cloud02:4444
Broswer Extension. Multilogin or Multiaccount
There is another workaround. If I use this chromium extension the problem disappears because the sessions are treated separately:
SessionBox
Lets say I have three independent LANs and a central server somewhere. I want to offer a service exclusively to users on those LANs (via internet ofc). And a slightly different service to different LANs: users on LAN "A" should recieve content "A" and only "A". Can this be achieved by some sort of IP filtering on the server side (like checking the source address) and how secure is that? Or with RSA (or something) keys: can a router (on a LAN) be configured so it can communicate with the server in a secure way?
Basically I want my server to only be visible for users that connect to internet through certain routers (LANs), and for each LAN offer a slightly different service.
I would greatly appreaciate any advice on how to achieve this, since I'm not an expert :)
Also I hope that this kind of a question is ok to ask here, since it is not strictly a programming one.
Regards, Petar
I will try to answer this
Basically I want my server to only be visible for users that connect
to internet through certain routers (LANs)
As far as I know, once you make your server public (set public/live IP & register yout domain), it will be visible on the web for anyone who know your web address.
But you can give a "limitation" like who will be able to see your private content. Here is my simple steps :
You need to know the public address of the 3 "green" router which will be allowed to see your private content.
Use this php function $_SERVER['REMOTE_ADDR'] to check your incoming (client) ip address.
If the client's IP address is listed as one of your "green" router's IP address, then display your content, and if not the display a page that says "You are not allowed to this page" or something like that.
So for conclusion..
Can this be achieved by some sort of IP filtering on the server side
(like checking the source address)
Yes it can by doing the steps above.
I hope this can help you.
I am trying to get a Linksys router with the latest DD-WRT (v24-sp2) in my house connected, via Comcast, to an external Squid (v3) proxy that I am running on AWS. When I connect over the WiFi to the DD-WRT router, it connects to the Squid proxy, but I get the nasty message (abbreviated here to show relevant part):
While trying to retrieve the URL: /
Note the backlash. I get this when I go to a root domain, like www.cnn.com. If I go to a page under a site, like www.cnn.com/today (fake link used for example only), that returns and error like:
While trying to retrieve the URL: /today
Again, notice the "/today", as if the root domain has been removed, and the string to the right of the domain name is being searched on.
For some background, I have installed Squid as generally as possible, and have done it on two servers with the same results. I get this same error no matter what domain I go to. Also, if I switch my network on my Mac to use this Squid proxy, it works fine. Only the connections from the DD-WRT give this error.
I have tried the instructions on the DD-WRT site with no luck. Others seem to have gotten this working well, so I assume I am making a configuration mistake.
Any clues for me? TIA...