* Add local address and api address #9
Conversation
|
Hi Eugen, I have made a 4.0.4-SNAPSHOT release in my local forked branch: test results are ok. |
|
Hello, The proxy access control should be firewall's job. I don't think we should add this kind of restrictions since this functionality does not belong to a proxy façade. Sorry for your effort and thanks again for your interest in this project. |
|
Hi Eugen, Unfortunate that we won't agree. The proposed enhancement allows you to run Winfoom on a specific address. This is very useful if you would run it on a server with multiple addresses on different VLAN's. You can even run multiple instances of Winfoom on the same port, but on different IP addresses. Also do note that Winfoom supports HTTP mode so you can run it to get access to a regular II Web Server. It is not only about connection to a SOCK proxy. I do hope you reconsider my pull request. Otherwise I'm forced to run a fork of this excellent piece of software. |
Hi Eugen,
In the light of Open Source software, I thought it would be good to give something back to this project.
Winfoom's listeners are currently binding on all available addresses. This can be a security issue, as the proxy can be open to the entire network.
This is not a problem for normal proxy usage. However, when Winfoom is used to access a protected API on an IIS server, the rest of the world is not allowed to do so.
So I have enhanced Winfoom to make the socket listener configurable so that it can be made available only on localhost, for example.
I have also made the API address configurable, so that it can be shielded from the rest of the network as well.
I hope you appreciate my contribution. I'm not a Java guru myself, but I think the enhancement works fine.