[zeromq-dev] Peer ip address ?
Trevor Bernard
trevor.bernard at gmail.com
Wed Jan 15 19:11:26 CET 2014
Simple solution is have the downstream service identify itself in the
handshake with it's IP address
On Wed, Jan 15, 2014 at 2:01 PM, Andrew Hume <andrew at research.att.com> wrote:
> every time i have wanted this, it turned out that it was a stupid way to do
> what i really wanted.
> to me, it comes down to this:
>
> 1) do you really care? surprisingly, the answer is often, not really.
> if you do care, then you HAVE to authenticate.
> 2) using IP addresses as a proxy for authentication and authorization is a
> dodgy business;
> it is more or less convenient but full of surprises and wouldn’t pass muster
> where i
> work in a security audit (which i assume you will have if you need to log ip
> addresses).
>
> On Jan 15, 2014, at 8:14 AM, mraptor <mraptor at gmail.com> wrote:
>
> hi I was looking for a way to find the peer/client ip address.
> All of the replies I've seen so far say it is not possible to get the IP
> address of the peer in ZeroMQ.
>
> The main objection for not providing the IP address seem to be that zeromq
> work on top of protocols which may not be TCP/IP.
>
> The solution pointed by most of the people seems to be to figure out the IP
> address at the client and pass it as a part of the message.
>
> I'm currently needing the IP address for logging purposes and in the future
> for filtering and routing.
> Two problems arise :
>
> 1. What happens if you don't have access to the client code i.e. it is
> written by third party
> 2. Second allowing the client to provide the IP address could be major
> security breach, because if it is up to the client, they can place whatever
> IP they want, how would you know ?
>
> How do you solve those problems ? Unless zeromq, already have some means of
> getting the peer IP, the discussions about this were from 2011 ?
>
> thank you
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
>
>
> -----------------------
> Andrew Hume
> 949-707-1964 (VO and best)
> 732-420-0907 (NJ)
> andrew at research.att.com
>
>
>
>
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
More information about the zeromq-dev
mailing list