rejetto forum

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Tsuna

Pages: 1
1
Beta / Re: version 2.4
« on: April 04, 2022, 12:45:39 PM »
The HFS 2 "dying" problem is around there long time ago,
it's (very likely) just because the application structure of underlying tech (delphi) that's not suitable for a server.
Many people are thinking or complaining, but the truth is that it can't be fixed easily on HFS 2 itself :'(

Few days ago I come up an idea about a small middleware for HFS 2, that can have additional features on server regulation.

In my mind it can, for example, when a file is requested, send the file by itself while let HFS rest & just do lightweight jobs (then proxy though the middleware).
(Note: just big network flow would stuck HFS)
And also something like page caching, along with many more tricks... ::)
Of course permissions are obeyed, the main role is still HFS :D it's behavior is totally controlled by HFS (with event script, I think)

While everybody use HFS for it's simplicity, a silent and friendly middleware won't trouble much, right? :)

The sad side is I've promised to 2 long-term development things and I'm unable to make it in a short period :(
Let me meet a chance and pick some time to try it...


Rejetto is working on HFS (it's a new remake with the goal to surpass the current one)
Might wanna assist on that infact.

2
Beta / Re: version 2.4
« on: April 04, 2022, 08:32:19 AM »
released just now
https://github.com/rejetto/hfs/releases/tag/v0.15.0

if you need support on setting it up, feel free to contact me on telegram, with this same nickname

I'll drop you a ping now on Telegram as I am forever active there.
Will look into the GitHub release tonight and keep you posted.

3
Beta / Re: version 2.4
« on: April 04, 2022, 08:31:19 AM »
hi guys, I'm at the moment unable to work on hfs 2.*, as necessary tools are not working correctly.
Exactly these days I was testing proxy functionality for next release of HFS 3.
Would you try that?

Absolutely open for testing and bug reporting.
Our current issues with HFS are
- Proxied download doesn't provide real IP often, which is why speed limits can't work
- On a busy server HFS just randomly dies x_x where noone can't connect but turn it off and on and it's all good
- Sometimes it forgets the VFS and is sitting there all blank with my only folder not added
- Command line switch to turn HFS off gives a visual prompt of "there are x active connections would you like to close them too y/n" and this popup stays on HFS, so keep turning it off and on via command like and you have a staircase.


Either way, would we happy to test the version 3 with you actively and report issues and updates.

How do I signup for this? (There isn't a repo on GitHub saying HFS3)

4
Beta / Re: version 2.4
« on: April 04, 2022, 02:59:44 AM »
I am using v 2.4 RC7 on Windows 19 20h2. With no reason the HFS crashes by itself. Looks like it is on every 5 minutes. I checked the Event Viewer - nothing there.
Please help!

Same issue, I run this on 5 diff windows servers - the latest RC7 is the only one that is passing real IP of the user through my proxy
However, randomly - it just stops taking new connections, switching the server off and then on fixes it, i couldn't find why this happens and had to resort to run a script that checks 24x7 if hfs is not accepting downloads and kills it and runs it again.


5
Not working. REEEEEEE

I want that the file can be only accessed by a specific IP I want.

like a folder's file can be accessed through 1.1.1.1 nor can access the file.

6
Using the latest dev version and having a roadblock where I want to limit a folder such that only a specific IP can view it/access it
But unable to find anything like this in the docs or on the forum

I think it may be possible via a script for that folder? Looking for some guidance on the same

7
HFS ~ HTTP File Server / Re: [REQUEST]Show IP address by using forwarded IP
« on: December 21, 2020, 07:53:16 AM »
it was introduced in build #199.

+ show header(http_x_forwarded_for) instead of IP, but only if IP in a customizable ip-mask (127.0.0.1 by default) www.rejetto.com/forum/?topic=5811

at the moment there's no graphical way to edit this mask, you must edit the ini file and search for the line starting with
forwarded-mask=

You may even put * as mask, that will enable the feature for every address.
This is not so by default because the content of that header may be tampered and be not the real ip but anything. It's up to you to trust what the proxy says.

When you said you may even put * as mask did you perhaps mean
"forwarded-mask=::1;127.0.0.1" >> "forwarded-mask=*" ?

9
there is no solution, stunnel does not allow to transmit external ip addresses except in its linux version

http://www.rejetto.com/wiki/index.php?title=HFS:_Secure_your_server
What about a reverse proxy?
I setup a reverse proxy over a cloudflare worker >> dns >> HFS server
I tried passing the cf connecting ip header and the xforwarded for header, the best i could get it to was show the "IP connected" log output.
But when I download the file, it wont show the origin IP but of cf instead.

Am i doing things wrong or is HFS simply not accepting the header?

10
HFS ~ HTTP File Server / Re: Help starting and securing HFS
« on: April 15, 2020, 12:29:39 AM »
Thanks for all the quick replies and the patience for the same.

I notice that HFS does include the "allow referer" option, can this now be used to control download mooching?
Properties for folder
Flags: disable Browsable

See also http://rejetto.com/forum/index.php?topic=13262.msg1065337#msg1065337

Update: prevent edit the url
Code: [Select]
[+download]
{.if not|{.header|Referer.}|{:{.disconnect.}:}.}
Will look into these.


1.
add /* at the end
I don't remember the necessary syntax right now, but i've found this old post about it
http://rejetto.com/forum/index.php?topic=11602.msg1060404#msg1060404

Oh, I'm gonna try that, if it does work then I can somewhat prevent some level of mooching.


3. you can protect file2 from being guessed in 2 easy ways
- you can add something to the name, like file2-xyz
- you can leave the original name, but create a virtual folder xyz and put file2 there
I had the exact idea, I suggested we add a small CRC code to the end of the file, this makes guess work moot.
I think virtual folders are a no no, the app itself says not to use them cause the folder size is large (8k ish files and 800gb ish)


Rejetto - ideally, all of this can be fixed if we can add a "expiring links" say, just include nan expiring token for a session so that links are only valid for that user for that session.
Deny if Ip doesn't match would work smooth.

pair this up with referer match and boom, safe and secure

11
HFS ~ HTTP File Server / Help starting and securing HFS
« on: April 13, 2020, 05:58:48 PM »
I wanted to run a fie download server with HFS and got stuck with some issue

The setup I'm aiming for is like this

for site.com (where links will be posted)
and say.. files.site.com (the URL for the files)
Links to stuff on-site >> a proxy server over Nginx to secure my source server > links

Problems, major problems that I'm stuck with
1. How to configure referee function on rejetto, such that if a user takes a files.site.com/linktofile URL and steals is, they cant use it.
Ive no idea how I can get the referee to work, what should we even write here? https://site.com ? (didn't work)
Maybe my Nginx isn't passing it, idk.

2. How do you control/disable "get list" function
I can edit the HTML and remove the button, but it wont matter if a user knows I'm using rejetto's fs, go to files.site.com/?tpl=list&folders-filter=\&recursive
And done, all links are yours (getting point1 to work would be a great help here though)

3. If a user downloads files.site.com/stuff/file1 he can figure out file2, file3 and so on. (This I actually asked in a different thread, if I can get point 1 and 2 to work, I can fix most of the damage)

I really want to use this to deliver my files but cant cause once I do, people are bound to steal the links and I'm done for. :/
Kindly assist, if this can be worked around, id like to know how.
If this cant be worked around, id like to know that as well so I can give up on this idea entirely.

12
router & port problems / Re: Query regarding "URL path masking"
« on: March 21, 2020, 01:48:49 PM »
Or we could base64(not a nice solution tbh) but seems like a dirty hack could do.
At the moment the only thing stopping me from using hfs is that the urls are visible clean.



13
router & port problems / Query regarding "URL path masking"
« on: March 21, 2020, 06:44:58 AM »
Been a fan of HFS for years now, testing and that and using it for casual stuff.

Recently tried to setup a small server to test things out, stuck with a small issue about url path
For ex

I have hfs running at site.com and there are files i want to provide existing at site.com/folder/file1,2,3 and so on
Problem is if a user knows the path of file1, he can simply edit the url and leech.


I can block "reading,viewing" the root or "folder" so user cant view all my files but can still try

site.com/folder/file1
site.com/folder/file2
site.com/folder/file3


is there any setting/method i missed under hfs that allows me to hide my paths in urls?
like maybe
site.com/akjwhdakwdakjwd.file
?


Pages: 1