Read the statement by Michael Teeuw here.
ipWhitelist HowTo
-
A way to tell if you need to use
"::ffff:192.168.1.120"or just"192.168.1.120"
Runnetstat -lnpt, if you see something like:tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 1271/electron.jsThen you are using IPv4 and should add
"YO.UR.IP.AD"or"YO.UR.IP.AD/24"to the whitelist.If you see:
tcp6 0 0 :::8080 :::* LISTEN 1170/electron.jsYou are using IPv6 address schemas and need to add
"::ffff:YO.UR.IP.AD"or"::ffff:YO.UR.IP.AD/120"to the whitelist.
If you have IPv6 and want to turn it off, add
ipv6.disable=1to your/boot/cmdline.txtand restart your pi. -
Not a fan of this addition; would have rathered it was something you enable rather than disable.
For anyone wondering how to allow all ips, use:
ipWhitelist: ["::fff:0.0.0.0/1", "::fff:128.0.0.0/2", "::fff:192.0.0.0/3", "::fff:224.0.0.0/4", "127.0.0.1", "::ffff:127.0.0.1", "::1"], -
Thanks! That worked for me!
-
Thanks, I do see a inet6 address with the command ifconfig.
I tried to add 10.0.0.95 to the config with no success :-(
But @xer0design’s tip worked!
-
@xer0design verry nice thx!
-
This post is deleted! -
@mochman I have put “/24” in my ipWhitelist. Looking around the forum, I’ve seen that “/120” might help. What I have now seems to be working for my devices, so is there a difference between “/24” and “/120” that I should know about? Which is better?
-
@AAPS If /24 is working for you then stick with it. The /120 just allows less IPs the ability to access your mirror.
If you aren’t forwarding your pi’s ports outside your local network it really shouldn’t matter.
-
Hi all, anybody else having trouble accessing the mirror remotely? I have reinstalled mm (development branch and nodejs v7.7.3), default config. only added allow access from my “lan”.
The mirror shows up on the local screen, so it works.Mirrors IP: 10.0.0.112/24
ipWhitelist: ["::ffff:10.0.0.1/120", "127.0.0.1", "::ffff:127.0.0.1", "::1"],Still I get
0|mm | Access denied to IP address: 10.0.0.99In the log.
My client IP: 10.0.0.99/24
Just to be sure, here is my full config:
/* Magic Mirror Config Sample * * By Michael Teeuw http://michaelteeuw.nl * MIT Licensed. */ var config = { port: 8080, ipWhitelist: ["::ffff:10.0.0.1/120", "127.0.0.1", "::ffff:127.0.0.1", "::1"], language: "en", timeFormat: 24, units: "metric", modules: [ { module: "alert", }, { module: "updatenotification", position: "top_bar" }, { module: "clock", position: "top_left" }, { module: "calendar", header: "US Holidays", position: "top_left", config: { calendars: [ { symbol: "calendar-check-o ", url: "webcal://www.calendarlabs.com/templates/ical/US-Holidays.ics" } ] } }, { module: "compliments", position: "lower_third" }, { module: "currentweather", position: "top_right", config: { location: "New York", locationID: "", //ID from http://www.openweathermap.org appid: "YOUR_OPENWEATHER_API_KEY" } }, { module: "weatherforecast", position: "top_right", header: "Weather Forecast", config: { location: "New York", locationID: "5128581", //ID from http://www.openweathermap.org appid: "YOUR_OPENWEATHER_API_KEY" } }, { module: "newsfeed", position: "bottom_bar", config: { feeds: [ { title: "New York Times", url: "http://www.nytimes.com/services/xml/rss/nyt/HomePage.xml" } ], showSourceTitle: true, showPublishDate: true } }, ] }; /*************** DO NOT EDIT THE LINE BELOW ***************/ if (typeof module !== "undefined") {module.exports = config;}Everything is default, no modules installed… What am I missing?!
-
Have you tried adding
"10.0.0.1/24"to the list since it looks like your client is using an IPv4 connection? -
@mochman Hmm… Clearly I have missunderstood something. I thought this: “::ffff:10.0.0.1/120” was to allow my 10.0.0.x network to access, I have used that from the beginning and it has worked. But yesterday it stopped working. So I added as you suggested “10.0.0.1/24” and it works… So, Thank you! :)
In the instructions in the first post, it’s suppose to be “::ffff:10.0.0.1/120” for a full C-Net. But… Not any more obviously. :)
Thanks again! I’m all happy now!
-
It looks like your raspberry pi started using IPv4 instead of IPv6. the
::ffff:before your ip shows that it’s trying to use a IPv6. That’s where"::ffff:10.0.0.1/120"was working. Seems like something changed though that it’s now using the IPv4 address.
So to cover all your bases, keep both"::ffff:10.0.0.1/120"and"10.0.0.1/24"in and you shouldn’t run into this problem again. -
@mochman Will do, thank you, no idea what changed the behavior. :) But at least I have a totally fresh install now! :)
-
Hi @mochman !! I can access from the same device where I run the MM, but can’t access from external devices (smartphone ie)
Any idea why?Kind regards
-
Is the smartphone on your wifi? If it is, just follow the steps to add your whole subnet.
If you’re trying to access it while using the phone’s network, that’s going to be harder. You’re going to have to configure your router to allow port forwarding to your pi, then figure out what your phones IP is. Then you could be safe and only allow that IP. The problem with that is when your IP changes, you’ll have to edit your whitelist again. You could try to add the class C or D subnet if you don’t want to worry too much about this, but you’ll be opening up your network to the internet in the process so good luck!
-
@mochman Yes, it is in the same network, also I’ve tried sharing internet from my smartphone, and nothing.
Which steps should I follow? -
Please follow the steps outlined at the top of this page. Let me know what you’re seeing when you do those steps.
-
@mochman It’s working! Thanks!
-
The default of [] doesn’t work at all for me. I’m happy to let all devices on my network access my mirror, how do I do this?
It’s not the simplest of features is it!
Hoping someone can help me here :/
-
@Mitchfarino Are you sure?, Can you show the config/config.js ?
There some logs when did you run and access it?
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login