Jump to content


Photo

Web interface


  • Please log in to reply
92 replies to this topic

Re: Web interface #61 littlesat

  • PLi® Core member
  • 57,163 posts

+698
Excellent

Posted 27 November 2016 - 13:12

10.x.x.x is private address space... But not included

WaveFrontier 28.2E | 23.5E | 19.2E | 16E | 13E | 10/9E | 7E | 5E | 1W | 4/5W | 15W


Re: Web interface #62 Pr2

  • PLi® Contributor
  • 6,181 posts

+261
Excellent

Posted 27 November 2016 - 14:27

Please also add:   172.16.0.0/12  which is also a private IP range (or if you prefer: from  172.16.0.0 to 172.31.255.255).


NO SUPPORT by PM, it is a forum make your question public so everybody can benefit from the question/answer.
If you think that my answer helps you, you can press the up arrow in bottom right of the answer.

Wanna help with OpenPLi Translation? Please read our Wiki Information for translators

Sat: Hotbird 13.0E, Astra 19.2E, Eutelsat5A 5.0W
VU+ Solo 4K: 2*DVB-S2 + 2*DVB-C/T/T2 (used in DVB-C) & Duo 4K: 2*DVB-S2X + DVB-C (FBC)

AB-Com: PULSe 4K 1*DVB-S2X (+ DVB-C/T/T2)
Edision OS Mio 4K: 1*DVB-S2X + 1*DVB-C/T/T2
 


Re: Web interface #63 WanWizard

  • PLi® Core member
  • 70,512 posts

+1,810
Excellent

Posted 27 November 2016 - 23:11

https://tools.ietf.org/html/rfc1918

 

There are quite a few private ranges. I personally NEVER use 192.168.x.x, which most use by default.

 

Another possible problem with this: if you have VPN connections to other internal networks, they will have automatic access when you need to enable VPN for yourself. In the end, the STB is not a security device, and these workarounds don't make it one. If it needs to be a security device, a good firewall needs to be added, processes need to be chrooted, and they need to run outside the current root context.


Currently in use: VU+ Duo 4K (2xFBC S2), VU+ Solo 4K (1xFBC S2), uClan Usytm 4K Ultimate (S2+T2), Octagon SF8008 (S2+T2), Zgemma H9.2H (S2+T2)

Due to my bad health, I will not be very active at times and may be slow to respond. I will not read the forum or PM on a regular basis.

Many answers to your question can be found in our new and improved wiki.


Re: Web interface #64 SpaceRat

  • Senior Member
  • 1,030 posts

+65
Good

Posted 28 November 2016 - 13:10

The check "is it a VPN?" is already performed using python-ipaddress' "is_private" function, NOT comparison against 192.168.x.y

The regexp you might find in the code containing 192.168.x.y is for allowing user "root" from LAN even if root access is disabled (Too many E2 tools not able to handle different logins for Web, telnet and ftp).
Actually it should be rewritten to use the "is in subnet" functionality of py-ipaddress now that we have it.

And I want to add: Too many E2 tools not being able to just use f@cking ssh with key auth for everything instead of direct access for HTTP, ftp AND Telnet.
These crappy tools are probably one of the main reason for all those open OWIFs and ftps and telnets on E2 boxes ...
1st box: Vu+ Ultimo 4k 4xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
2nd box: Gigablue Quad 4k 2xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
testing boxes: Vu+ Duo² + AX Quadbox HD2400 + 2x Vu+ Solo² + Octagon SF4008
Sats & Pay-TV: Astra 19.2°E + Hotbird 13°E with Redlight / SCT HD / SES Astra HD- / Sky V14 / 4th empire propaganda TV
Card-Server: Raspberry Pi + IPv6-capable oscam
Router: Linksys WRT1900ACS w/ LEDE + Fritz!Box 7390

Re: Web interface #65 WanWizard

  • PLi® Core member
  • 70,512 posts

+1,810
Excellent

Posted 28 November 2016 - 17:17

Agreed. And "is in subnet" is definitely a better solution, for all those users (including me ;)) that don't use 192.168.x.x.


Currently in use: VU+ Duo 4K (2xFBC S2), VU+ Solo 4K (1xFBC S2), uClan Usytm 4K Ultimate (S2+T2), Octagon SF8008 (S2+T2), Zgemma H9.2H (S2+T2)

Due to my bad health, I will not be very active at times and may be slow to respond. I will not read the forum or PM on a regular basis.

Many answers to your question can be found in our new and improved wiki.


Re: Web interface #66 SpaceRat

  • Senior Member
  • 1,030 posts

+65
Good

Posted 29 November 2016 - 17:07

I'll rewrite that part when 1.1-DEV becomes master.
1st box: Vu+ Ultimo 4k 4xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
2nd box: Gigablue Quad 4k 2xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
testing boxes: Vu+ Duo² + AX Quadbox HD2400 + 2x Vu+ Solo² + Octagon SF4008
Sats & Pay-TV: Astra 19.2°E + Hotbird 13°E with Redlight / SCT HD / SES Astra HD- / Sky V14 / 4th empire propaganda TV
Card-Server: Raspberry Pi + IPv6-capable oscam
Router: Linksys WRT1900ACS w/ LEDE + Fritz!Box 7390

Re: Web interface #67 WanWizard

  • PLi® Core member
  • 70,512 posts

+1,810
Excellent

Posted 29 November 2016 - 22:22

Thanks. I plan to do the same with the rubbish network code in Enigma, once 5 is released.


Currently in use: VU+ Duo 4K (2xFBC S2), VU+ Solo 4K (1xFBC S2), uClan Usytm 4K Ultimate (S2+T2), Octagon SF8008 (S2+T2), Zgemma H9.2H (S2+T2)

Due to my bad health, I will not be very active at times and may be slow to respond. I will not read the forum or PM on a regular basis.

Many answers to your question can be found in our new and improved wiki.


Re: Web interface #68 Erik Slagter

  • PLi® Core member
  • 46,969 posts

+541
Excellent

Posted 3 December 2016 - 11:05

169.254.0.0/16  :D 


* Wavefrontier T90 with 28E/23E/19E/13E via SCR switches 2 x 2 x 6 user bands
I don't read PM -> if you have something to ask or to report, do it in the forum so others can benefit. I don't take freelance jobs.
Ik lees geen PM -> als je iets te vragen of te melden hebt, doe het op het forum, zodat anderen er ook wat aan hebben.


Re: Web interface #69 SpaceRat

  • Senior Member
  • 1,030 posts

+65
Good

Posted 3 December 2016 - 11:36

That's the IPv4 zeroconf fallback, isn't it?
1st box: Vu+ Ultimo 4k 4xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
2nd box: Gigablue Quad 4k 2xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
testing boxes: Vu+ Duo² + AX Quadbox HD2400 + 2x Vu+ Solo² + Octagon SF4008
Sats & Pay-TV: Astra 19.2°E + Hotbird 13°E with Redlight / SCT HD / SES Astra HD- / Sky V14 / 4th empire propaganda TV
Card-Server: Raspberry Pi + IPv6-capable oscam
Router: Linksys WRT1900ACS w/ LEDE + Fritz!Box 7390

Re: Web interface #70 WanWizard

  • PLi® Core member
  • 70,512 posts

+1,810
Excellent

Posted 3 December 2016 - 13:53

Yes. I sure hope nobody is relying on that range to get his network operational...


Currently in use: VU+ Duo 4K (2xFBC S2), VU+ Solo 4K (1xFBC S2), uClan Usytm 4K Ultimate (S2+T2), Octagon SF8008 (S2+T2), Zgemma H9.2H (S2+T2)

Due to my bad health, I will not be very active at times and may be slow to respond. I will not read the forum or PM on a regular basis.

Many answers to your question can be found in our new and improved wiki.


Re: Web interface #71 SpaceRat

  • Senior Member
  • 1,030 posts

+65
Good

Posted 3 December 2016 - 14:19

Even if: Where is the problem?
1st box: Vu+ Ultimo 4k 4xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
2nd box: Gigablue Quad 4k 2xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
testing boxes: Vu+ Duo² + AX Quadbox HD2400 + 2x Vu+ Solo² + Octagon SF4008
Sats & Pay-TV: Astra 19.2°E + Hotbird 13°E with Redlight / SCT HD / SES Astra HD- / Sky V14 / 4th empire propaganda TV
Card-Server: Raspberry Pi + IPv6-capable oscam
Router: Linksys WRT1900ACS w/ LEDE + Fritz!Box 7390

Re: Web interface #72 WanWizard

  • PLi® Core member
  • 70,512 posts

+1,810
Excellent

Posted 3 December 2016 - 14:27

With using zeroconf? Not every device supports it, and the broadcast domain is huge. There are some other issues as well, but perhaps that is "Déformation professionnelle". ;)


Currently in use: VU+ Duo 4K (2xFBC S2), VU+ Solo 4K (1xFBC S2), uClan Usytm 4K Ultimate (S2+T2), Octagon SF8008 (S2+T2), Zgemma H9.2H (S2+T2)

Due to my bad health, I will not be very active at times and may be slow to respond. I will not read the forum or PM on a regular basis.

Many answers to your question can be found in our new and improved wiki.


Re: Web interface #73 SpaceRat

  • Senior Member
  • 1,030 posts

+65
Good

Posted 3 December 2016 - 14:33

Well, I don't care much about legacy IPv4 anymore, that's why I needed to ask :)

My whole home network talks IP(v6) and two E2 boxes are running IP(v6)-only already.
1st box: Vu+ Ultimo 4k 4xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
2nd box: Gigablue Quad 4k 2xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
testing boxes: Vu+ Duo² + AX Quadbox HD2400 + 2x Vu+ Solo² + Octagon SF4008
Sats & Pay-TV: Astra 19.2°E + Hotbird 13°E with Redlight / SCT HD / SES Astra HD- / Sky V14 / 4th empire propaganda TV
Card-Server: Raspberry Pi + IPv6-capable oscam
Router: Linksys WRT1900ACS w/ LEDE + Fritz!Box 7390

Re: Web interface #74 littlesat

  • PLi® Core member
  • 57,163 posts

+698
Excellent

Posted 3 December 2016 - 15:01

Still most people have IPv4 stuff.....


WaveFrontier 28.2E | 23.5E | 19.2E | 16E | 13E | 10/9E | 7E | 5E | 1W | 4/5W | 15W


Re: Web interface #75 SpaceRat

  • Senior Member
  • 1,030 posts

+65
Good

Posted 3 December 2016 - 15:05

I know :)

The sick shit is that ATM E2 is hardcoded for or restricted to legacy IPv4 in that many places, that it will become a show-stopper by the time when people really want to get rid of IPv4, given the current development speed.
That much to do ...
1st box: Vu+ Ultimo 4k 4xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
2nd box: Gigablue Quad 4k 2xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
testing boxes: Vu+ Duo² + AX Quadbox HD2400 + 2x Vu+ Solo² + Octagon SF4008
Sats & Pay-TV: Astra 19.2°E + Hotbird 13°E with Redlight / SCT HD / SES Astra HD- / Sky V14 / 4th empire propaganda TV
Card-Server: Raspberry Pi + IPv6-capable oscam
Router: Linksys WRT1900ACS w/ LEDE + Fritz!Box 7390

Re: Web interface #76 WanWizard

  • PLi® Core member
  • 70,512 posts

+1,810
Excellent

Posted 3 December 2016 - 15:20

It is the same with a lot of networked equipment.

 

It is really shocking that even today a lot of ISP's aren't even thinking about it. Even a company like OVH, publicly very vocal about IPv6, can't offer IPv6 to their corporate customers, their vRack infrastructure is IPv4 only. Took quite a bit of trickery to make it work, so sites like this are IPv6 accessable.

 

E2 is on my todo list, health and time permitting I'll start on it after we've released 5.


Currently in use: VU+ Duo 4K (2xFBC S2), VU+ Solo 4K (1xFBC S2), uClan Usytm 4K Ultimate (S2+T2), Octagon SF8008 (S2+T2), Zgemma H9.2H (S2+T2)

Due to my bad health, I will not be very active at times and may be slow to respond. I will not read the forum or PM on a regular basis.

Many answers to your question can be found in our new and improved wiki.


Re: Web interface #77 SpaceRat

  • Senior Member
  • 1,030 posts

+65
Good

Posted 3 December 2016 - 15:22

Hm, I've got IPv6 on my OVH server.
1st box: Vu+ Ultimo 4k 4xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
2nd box: Gigablue Quad 4k 2xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
testing boxes: Vu+ Duo² + AX Quadbox HD2400 + 2x Vu+ Solo² + Octagon SF4008
Sats & Pay-TV: Astra 19.2°E + Hotbird 13°E with Redlight / SCT HD / SES Astra HD- / Sky V14 / 4th empire propaganda TV
Card-Server: Raspberry Pi + IPv6-capable oscam
Router: Linksys WRT1900ACS w/ LEDE + Fritz!Box 7390

Re: Web interface #78 WanWizard

  • PLi® Core member
  • 70,512 posts

+1,810
Excellent

Posted 3 December 2016 - 15:24

On the public interface of a standalone server, yes.

 

But not if your internet access is routing through a vRack to non-public servers on VLAN's. And you need the vRack if you want to build clusters, as layer-2 connectivity on the public interface is blocked by OVH, even if you have multiple servers in the same rack.

 

We have a 10G vRack to which our firewall cluster is connected, and internet traffic is routed to it. All other servers have internal vRack connectivity only, no public interfaces.


Currently in use: VU+ Duo 4K (2xFBC S2), VU+ Solo 4K (1xFBC S2), uClan Usytm 4K Ultimate (S2+T2), Octagon SF8008 (S2+T2), Zgemma H9.2H (S2+T2)

Due to my bad health, I will not be very active at times and may be slow to respond. I will not read the forum or PM on a regular basis.

Many answers to your question can be found in our new and improved wiki.


Re: Web interface #79 rytec

  • Rytec EPG Team
  • 1,082 posts

+22
Neutral

Posted 6 December 2016 - 13:31

It's new that you also need to set password if you want to use webif outside your LAN. 

->

This does even not really work... I connect with box via open VPN and it blocks the 10.x.x.x ip address reange....

 

It would also be nice when the OWIF does not show the hidden number markers... now we see a channel with a - (dash)

Has this been solved now? or is it possible to change these settings through a Telnet session? If yes, what file do you need to edit to be able to access the open webif through a VPN connection?

Or do you first need to configurate something in the menu on the TV screen?

 

Thank you


~~Rytec Team~~ VU Ultimo / VU Uno / VU Solo / Panasonic TH42-PV700 *Pli/Rytec EPG POWERED*

Re: Web interface #80 SpaceRat

  • Senior Member
  • 1,030 posts

+65
Good

Posted 6 December 2016 - 13:43

Through GUI:
blo.png

Change the setting "Enable access from VPNs", "Auch Zugriff aus VPNs erlauben" or whatever it translates to in your language to "Yes", "Ja", "Oui", "Si", whatever.


Through telnet/ssh:
init 4
cat /etc/enigma2/settings | grep -v config.OpenWebif.vpn_access > /tmp/settings
echo config.OpenWebif.vpn_access=true >> /tmp/settings
mv /tmp/settings /etc/enigma2/settings
init 3

1st box: Vu+ Ultimo 4k 4xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
2nd box: Gigablue Quad 4k 2xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
testing boxes: Vu+ Duo² + AX Quadbox HD2400 + 2x Vu+ Solo² + Octagon SF4008
Sats & Pay-TV: Astra 19.2°E + Hotbird 13°E with Redlight / SCT HD / SES Astra HD- / Sky V14 / 4th empire propaganda TV
Card-Server: Raspberry Pi + IPv6-capable oscam
Router: Linksys WRT1900ACS w/ LEDE + Fritz!Box 7390


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users