Avatar of projects
projects
 asked on

Protecting iperf server on internet

I need to set up iperf clients connecting to a server on the internet.
This needs to be secured so that only the clients can connect and run the test.

However, I have not found many examples of how to set this up on a public server.
The clients all connect to the server which is using htpasswd along with php authentication.

Could this be done using htpasswd or perhaps in php?
Apache Web ServerPHPServer Software

Avatar of undefined
Last Comment
projects

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
gheist

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
projects

ASKER
It doesn't have any access controls but I was wondering if I would wrap it with something else, like php?
projects

ASKER
I wonder if php could be used to block/allow a port? That way, I could leave the port on, but use a function in php to allow or deny a remote to use the iperf port.

Of course, that implies that php would also control that port.
SOLUTION
gheist

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
projects

ASKER
I don't mean a wrapper, I mean where php controls the port based on remote IP.
If the remote device authenticates, php could look up it's IP and allow it access to iperf.

Is if possible to run two firewalls on the same system? For example, iptables is already running on the server. Would it be possible to not have iptables block the iperf port but have another firewall which is controlled by php for that port alone?
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
projects

ASKER
These are good points being made. My solution will be to maintain a list of allowed IPs to the service using another application.
gheist

If your firewall supportes any kind of port knocking it might save you from maintaining the list.
Say ping, then connect to port 28 and 155, then it opens connections to iperf - if you think your firewall can do it - just make it do its job
projects

ASKER
In this case no, there is no firewall in front of the server, only iptables.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.