The VideoLAN Forums

Hi all,
Is it possible to restrict access to the http interface based on IP address? For example, I want the http interface to only accept connections from 192.168.1.4. Please note that I'm not talking about the host address where VLC is running from.

I know that some of you may think that restricting access to the http interface based on IP address would be a bit of overkill because of the firewalls available today but I still think this would be a useful feature for VLC to have for extra security (after all SSH has this exact feature) Please tell me whether this feature already exists, if it doesn't I'll post a feature request.

Cheers,
Steve

Edit the .hosts file in the http directory.

Thanks for your post. Is the .hosts file in the http directory to do with linux or is it a VLC file? I am running VLC on Mac OSX and so far cannot find an http directory or a .hosts file for VLC anywhere. I also post a message in the Mac OSX section of this forum to see if one of them can help me.

Cheers,
Steve

Hi,

This is a VLC file, inside "share" directory on linux. I don't know when it is located on MacOS.

On linux, this file (".hosts") is at this location: "/usr/share/vlc/http/".
Note that files starting with a dot are hidden files, and you might need to ask explicitly you browser to show you hidden files. If you use command-line, you can use "-a" parameter for "ls" command.

Hi All,
What is the syntax required in the .hosts file for only allowing 192.168.1.4 to access the http interface?
My first attempt at writing up the .hosts file is as follows:
Access-list for VLC HTTP interface
192.168.1.4/255.255.255.254

The error I received was as follows:
main: invalid IP address Access-list
main: cannot add ACL from /Applications/VLC/VLC.app/Contents/MacOS/share/http/.hosts

Cheers,
Steve

regarding my default file, maybe this .host content will work:

VLC expects prefix lengths, rather than network masks.