Protecting iperf server on internet

I need to set up iperf clients connecting to a server on the internet.
This needs to be secured so that only the clients can connect and run the test.

However, I have not found many examples of how to set this up on a public server.
The clients all connect to the server which is using htpasswd along with php authentication.

Could this be done using htpasswd or perhaps in php?
projectsAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gheistCommented:
iperf has no access controls. adding firewall will cripple the results.
Only way I see is that you start it when you measure performance and stop after.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
projectsAuthor Commented:
It doesn't have any access controls but I was wondering if I would wrap it with something else, like php?
0
projectsAuthor Commented:
I wonder if php could be used to block/allow a port? That way, I could leave the port on, but use a function in php to allow or deny a remote to use the iperf port.

Of course, that implies that php would also control that port.
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

gheistCommented:
It has to run on pure network stack. any wrapper will cut the results to interaction between wrapper and iperf and will not be representative of network link you have.
0
projectsAuthor Commented:
I don't mean a wrapper, I mean where php controls the port based on remote IP.
If the remote device authenticates, php could look up it's IP and allow it access to iperf.

Is if possible to run two firewalls on the same system? For example, iptables is already running on the server. Would it be possible to not have iptables block the iperf port but have another firewall which is controlled by php for that port alone?
0
projectsAuthor Commented:
These are good points being made. My solution will be to maintain a list of allowed IPs to the service using another application.
0
gheistCommented:
If your firewall supportes any kind of port knocking it might save you from maintaining the list.
Say ping, then connect to port 28 and 155, then it opens connections to iperf - if you think your firewall can do it - just make it do its job
0
projectsAuthor Commented:
In this case no, there is no firewall in front of the server, only iptables.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Apache Web Server

From novice to tech pro — start learning today.