运行在路由器上运行的应用程序的可行性/难度如何?
在我的示例中,我想构建一个应用程序,向加入网络的用户发送某种接口,并在中央站(可能是路由器或中央服务器)对其进行管理。新用户对该界面的输入将被发送回中央站并受到控制。
这有多可信?向新发现的 IP 发送内容现实吗?
In my example, I want to build an application that sends users who join a network some kind of interface and manage this at a central station (possibly the router, or a central server). The new user's input to this interface will be sent back to the central station and controlled.
How plausible is this? Is sending something to a newly discovered IP realistic?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
只要您控制 DNS 服务器,您就可以将它们发送到您喜欢的任何 Web 服务器。
As long as you control the DNS server, you can send them to any web server you like.
完全合理,但您需要一个带有开源固件的路由器,并且您需要使用该源代码的语言进行编程,并拥有工具链来构建固件的二进制文件。
Completely plausible, but you'll need a router with open source firmware and you'll need to program in the language of that source code and have the toolchain to build the binary for the firmware.
我唯一能想到的是 NoCatAuth 和朋友。用户必须使用他们的网络浏览器,但大多数人都习惯了。
The only thing I can think of is NoCatAuth and friends. The user has to use their web browser, but most are accustomed to that.
您是否试图强迫用户使用您的应用程序(例如通过 ISP 销售这些路由器),或者您是否期望用户合作(例如在组织的 WAN 内部)?
如果是后者,设置路由器内部的 DHCP 服务器来提供 HTTP 代理的地址可能就足够了。大多数操作系统/浏览器都会接受它。然后,代理可用于控制网络流量 - 他们可以看到哪些页面,以及哪些页面被重定向到您自己的网络应用程序。
如果用户被视为对手,那么他们覆盖代理设置将是微不足道的。在 LAN/WAN 情况下,您需要确保除了通过代理之外没有任何东西将它们连接到外部世界。
Are you trying to FORCE the users to use your application (e.g. by selling these routers via an ISP), or are you expecting users to co-operate (e.g. inside a organisation's WAN)?
If the latter, it may be sufficient to set the DHCP server inside the router to serve the address of an HTTP proxy. That will get picked up by most OS/browsers. The proxy can then be used to control web-traffic - which pages they can see, and which ones are redirected to your own web-app.
If the user is considered an adversary, it would be trivial for them to override the proxy settings. In a LAN/WAN situation, you need to make sure nothing is connecting them to the outside world, except through the proxy.