The VideoLAN Forums

Discussion and support for VLC media player and friends

Skip to content

Restricting access to the http interface based on IP address

For questions and discussion that is NOT (I repeat NOT) specific to a certain Operating System.
Post Reply
steven-m
New Cone
New Cone
Posts: 4
Joined: 07 Jul 2008 06:00

Restricting access to the http interface based on IP address

Postby steven-m » 07 Jul 2008 07:13

Hi all,
Is it possible to restrict access to the http interface based on IP address? For example, I want the http interface to only accept connections from 192.168.1.4. Please note that I'm not talking about the host address where VLC is running from.

I know that some of you may think that restricting access to the http interface based on IP address would be a bit of overkill because of the firewalls available today but I still think this would be a useful feature for VLC to have for extra security (after all SSH has this exact feature) Please tell me whether this feature already exists, if it doesn't I'll post a feature request.

Cheers,
Steve :)
Top
Rémi Denis-Courmont
Developer
Developer
Posts: 15337
Joined: 07 Jun 2004 16:01
VLC version: master
Operating System: Linux
Contact:
Contact Rémi Denis-Courmont

Re: Restricting access to the http interface based on IP address

Postby Rémi Denis-Courmont » 07 Jul 2008 17:14

Edit the .hosts file in the http directory.
Rémi Denis-Courmont
https://www.remlab.net/
Private messages soliciting support will be systematically discarded
Top
steven-m
New Cone
New Cone
Posts: 4
Joined: 07 Jul 2008 06:00

Re: Restricting access to the http interface based on IP address

Postby steven-m » 08 Jul 2008 03:53

Thanks for your post. Is the .hosts file in the http directory to do with linux or is it a VLC file? I am running VLC on Mac OSX and so far cannot find an http directory or a .hosts file for VLC anywhere. I also post a message in the Mac OSX section of this forum to see if one of them can help me.

Cheers,
Steve :)
Top
thannoy
Big Cone-huna
Big Cone-huna
Posts: 601
Joined: 20 Mar 2008 09:44
VLC version: 0.9.8a & 1.0-git
Operating System: GNU/Linux Fedora10
Location: France
Contact:
Contact thannoy

Re: Restricting access to the http interface based on IP address

Postby thannoy » 08 Jul 2008 09:20

Hi,

This is a VLC file, inside "share" directory on linux. I don't know when it is located on MacOS.

On linux, this file (".hosts") is at this location: "/usr/share/vlc/http/".
Note that files starting with a dot are hidden files, and you might need to ask explicitly you browser to show you hidden files. If you use command-line, you can use "-a" parameter for "ls" command.
Top
steven-m
New Cone
New Cone
Posts: 4
Joined: 07 Jul 2008 06:00

Re: Restricting access to the http interface based on IP address

Postby steven-m » 10 Jul 2008 12:27

Hi All,
What is the syntax required in the .hosts file for only allowing 192.168.1.4 to access the http interface?
My first attempt at writing up the .hosts file is as follows:
Access-list for VLC HTTP interface
192.168.1.4/255.255.255.254

The error I received was as follows:
main: invalid IP address Access-list
main: cannot add ACL from /Applications/VLC/VLC.app/Contents/MacOS/share/http/.hosts

Cheers,
Steve :)
Top
thannoy
Big Cone-huna
Big Cone-huna
Posts: 601
Joined: 20 Mar 2008 09:44
VLC version: 0.9.8a & 1.0-git
Operating System: GNU/Linux Fedora10
Location: France
Contact:
Contact thannoy

Re: Restricting access to the http interface based on IP address

Postby thannoy » 10 Jul 2008 13:54

regarding my default file, maybe this .host content will work:

Code: Select all

# localhost ::1 127.0.0.1 # for an address range if you want #192.168.1.0/32 # specific address 192.168.1.4 # The world # (comment this out to obtain a safe default) #::/0 #0.0.0.0/0
Top
Rémi Denis-Courmont
Developer
Developer
Posts: 15337
Joined: 07 Jun 2004 16:01
VLC version: master
Operating System: Linux
Contact:
Contact Rémi Denis-Courmont

Re: Restricting access to the http interface based on IP address

Postby Rémi Denis-Courmont » 10 Jul 2008 17:08

VLC expects prefix lengths, rather than network masks.
Rémi Denis-Courmont
https://www.remlab.net/
Private messages soliciting support will be systematically discarded
Top
Post Reply

Return to “General VLC media player Troubleshooting”

Who is online

Users browsing this forum: No registered users and 20 guests

Powered by phpBB® Forum Software © phpBB Limited
GZIP: On