Solved

Protecting iperf server on internet

Posted on 2014-11-14
8
202 Views
Last Modified: 2014-11-18
I need to set up iperf clients connecting to a server on the internet.
This needs to be secured so that only the clients can connect and run the test.

However, I have not found many examples of how to set this up on a public server.
The clients all connect to the server which is using htpasswd along with php authentication.

Could this be done using htpasswd or perhaps in php?
0
Comment
Question by:projects
  • 5
  • 3
8 Comments
 
LVL 61

Accepted Solution

by:
gheist earned 500 total points
Comment Utility
iperf has no access controls. adding firewall will cripple the results.
Only way I see is that you start it when you measure performance and stop after.
0
 

Author Comment

by:projects
Comment Utility
It doesn't have any access controls but I was wondering if I would wrap it with something else, like php?
0
 

Author Comment

by:projects
Comment Utility
I wonder if php could be used to block/allow a port? That way, I could leave the port on, but use a function in php to allow or deny a remote to use the iperf port.

Of course, that implies that php would also control that port.
0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 500 total points
Comment Utility
It has to run on pure network stack. any wrapper will cut the results to interaction between wrapper and iperf and will not be representative of network link you have.
0
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

 

Author Comment

by:projects
Comment Utility
I don't mean a wrapper, I mean where php controls the port based on remote IP.
If the remote device authenticates, php could look up it's IP and allow it access to iperf.

Is if possible to run two firewalls on the same system? For example, iptables is already running on the server. Would it be possible to not have iptables block the iperf port but have another firewall which is controlled by php for that port alone?
0
 

Author Closing Comment

by:projects
Comment Utility
These are good points being made. My solution will be to maintain a list of allowed IPs to the service using another application.
0
 
LVL 61

Expert Comment

by:gheist
Comment Utility
If your firewall supportes any kind of port knocking it might save you from maintaining the list.
Say ping, then connect to port 28 and 155, then it opens connections to iperf - if you think your firewall can do it - just make it do its job
0
 

Author Comment

by:projects
Comment Utility
In this case no, there is no firewall in front of the server, only iptables.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now