Re: [External] org.apache.catalina.valves.RemoteAddrValve
LOL, I'm decent at regex Robert. I got the \d+ from what ships in the context.xml: 127\.\d+\.\d+\.\d+ It looks like an attempt at saying localhost can get in as long as the localhost IP starts with 127. I assumed it wasn't actually regex but some "tomcat language"... Thanks for the education! I'll jump back on here if things don't work on the other side of the firewall... On Thu, Apr 4, 2024 at 12:11 PM Robert Egan wrote: > You need to read up on "regular expressions" (or "regex"). > > In a regular expression, a lowercase "d" is a single decimal digit. A "+" > means one or more of them. A period means ANY character (which is why you > have to escape it when you mean "period"). A backward slash means to treat > the character immediately after it normally and not as a special character. > So "\d" would mean the literal letter "d". > > There's more rules, but they're well documented all over the internet, so I > won't elaborate. > > Robert Egan > > > On Thu, Apr 4, 2024 at 2:01 PM Eric Fetzer wrote: > > > Thanks for the quick response Robert! So I tried escaping the periods > and > > putting the \d+ for the * but it didn't work. Is the \d+ incorrect in > > substitution for *? > > > > On Thu, Apr 4, 2024 at 11:53 AM Robert Egan > > wrote: > > > > > It looks like you need to escape your periods, like you did for 127\. > > > etc... > > > 1\.3\.5 > > > Robert Egan > > > > > > On Thu, Apr 4, 2024 at 1:44 PM Eric Fetzer > > wrote: > > > > > > > Hi All, > > > > > > > > When I originally set up my tomcat instance, I added the following to > > > allow > > > > manager access under > /opt/tomcat/webapps/manager/META-INF/context.xml: > > > > > > > > > > > allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*" /> > > > > > > > > That worked wonderfully. Now I'm trying to add another IP range by > > > > changing it to: > > > > > > > > > > > > allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*|2.4.6.*" > > > /> > > > > > > > > This is not working. I tried to use 2\.4\.6\.\d+ as well but that > > didn't > > > > work either. I've verified I can get to port 8080 from the IP > > locations. > > > > Any idea what I'm doing wrong or do you have a means to troubleshoot > > > this? > > > > > > > > Thanks, > > > > Eric > > > > > > > > > >
Re: [External] org.apache.catalina.valves.RemoteAddrValve
Sorry folks (Robert), but upon further testing, it looks like port 8080 isn't open on these IP's. I was mistaking the attempt to connect from my curl command with a response. I withdrawal my question for now. I'll reply to this thread if it doesn't work once the hole in the firewall is carved properly. Thanks! On Thu, Apr 4, 2024 at 11:58 AM Eric Fetzer wrote: > Thanks for the quick response Robert! So I tried escaping the periods and > putting the \d+ for the * but it didn't work. Is the \d+ incorrect in > substitution for *? > > On Thu, Apr 4, 2024 at 11:53 AM Robert Egan > wrote: > >> It looks like you need to escape your periods, like you did for 127\. >> etc... >> 1\.3\.5 >> Robert Egan >> >> On Thu, Apr 4, 2024 at 1:44 PM Eric Fetzer wrote: >> >> > Hi All, >> > >> > When I originally set up my tomcat instance, I added the following to >> allow >> > manager access under /opt/tomcat/webapps/manager/META-INF/context.xml: >> > >> > > > allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*" /> >> > >> > That worked wonderfully. Now I'm trying to add another IP range by >> > changing it to: >> > >> > > > allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*|2.4.6.*" >> /> >> > >> > This is not working. I tried to use 2\.4\.6\.\d+ as well but that >> didn't >> > work either. I've verified I can get to port 8080 from the IP >> locations. >> > Any idea what I'm doing wrong or do you have a means to troubleshoot >> this? >> > >> > Thanks, >> > Eric >> > >> >
Re: [External] org.apache.catalina.valves.RemoteAddrValve
You need to read up on "regular expressions" (or "regex"). In a regular expression, a lowercase "d" is a single decimal digit. A "+" means one or more of them. A period means ANY character (which is why you have to escape it when you mean "period"). A backward slash means to treat the character immediately after it normally and not as a special character. So "\d" would mean the literal letter "d". There's more rules, but they're well documented all over the internet, so I won't elaborate. Robert Egan On Thu, Apr 4, 2024 at 2:01 PM Eric Fetzer wrote: > Thanks for the quick response Robert! So I tried escaping the periods and > putting the \d+ for the * but it didn't work. Is the \d+ incorrect in > substitution for *? > > On Thu, Apr 4, 2024 at 11:53 AM Robert Egan > wrote: > > > It looks like you need to escape your periods, like you did for 127\. > > etc... > > 1\.3\.5 > > Robert Egan > > > > On Thu, Apr 4, 2024 at 1:44 PM Eric Fetzer > wrote: > > > > > Hi All, > > > > > > When I originally set up my tomcat instance, I added the following to > > allow > > > manager access under /opt/tomcat/webapps/manager/META-INF/context.xml: > > > > > > > > allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*" /> > > > > > > That worked wonderfully. Now I'm trying to add another IP range by > > > changing it to: > > > > > > > > allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*|2.4.6.*" > > /> > > > > > > This is not working. I tried to use 2\.4\.6\.\d+ as well but that > didn't > > > work either. I've verified I can get to port 8080 from the IP > locations. > > > Any idea what I'm doing wrong or do you have a means to troubleshoot > > this? > > > > > > Thanks, > > > Eric > > > > > >
Re: [External] org.apache.catalina.valves.RemoteAddrValve
Thanks for the quick response Robert! So I tried escaping the periods and putting the \d+ for the * but it didn't work. Is the \d+ incorrect in substitution for *? On Thu, Apr 4, 2024 at 11:53 AM Robert Egan wrote: > It looks like you need to escape your periods, like you did for 127\. > etc... > 1\.3\.5 > Robert Egan > > On Thu, Apr 4, 2024 at 1:44 PM Eric Fetzer wrote: > > > Hi All, > > > > When I originally set up my tomcat instance, I added the following to > allow > > manager access under /opt/tomcat/webapps/manager/META-INF/context.xml: > > > > > allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*" /> > > > > That worked wonderfully. Now I'm trying to add another IP range by > > changing it to: > > > > > allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*|2.4.6.*" > /> > > > > This is not working. I tried to use 2\.4\.6\.\d+ as well but that didn't > > work either. I've verified I can get to port 8080 from the IP locations. > > Any idea what I'm doing wrong or do you have a means to troubleshoot > this? > > > > Thanks, > > Eric > > >
Re: [External] org.apache.catalina.valves.RemoteAddrValve
It looks like you need to escape your periods, like you did for 127\. etc... 1\.3\.5 Robert Egan On Thu, Apr 4, 2024 at 1:44 PM Eric Fetzer wrote: > Hi All, > > When I originally set up my tomcat instance, I added the following to allow > manager access under /opt/tomcat/webapps/manager/META-INF/context.xml: > > allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*" /> > > That worked wonderfully. Now I'm trying to add another IP range by > changing it to: > > allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|1.3.5.*|2.4.6.*" /> > > This is not working. I tried to use 2\.4\.6\.\d+ as well but that didn't > work either. I've verified I can get to port 8080 from the IP locations. > Any idea what I'm doing wrong or do you have a means to troubleshoot this? > > Thanks, > Eric >
