MagicMirror² v2.7.0 is available! For more information about this release, check out this topic.

ipWhitelist HowTo



  • LOL. Not sure if you mean me, but yes I have read this thread from beginning to end and it doesnt resolve my white list issues. This for whole forum is not that big. I’d be willing to bet I have read most of it



  • The reason why “/24” works
    A couple different threads state to add /24 to the end of the IP address. (I’ve put a couple of those up before doing some research too). While this will indeed allow your network devices access to your magic mirror, it will also allow any device with an IPv4 based address access to your mirror (obviously your router would need to be configured to allow this).
    This “/24” in IPv6 CIDR allows 20,282,409,603,651,670,423,947,251,286,016 different IP addresses access. (IPv4’s total addresses are 4,294,967,296).


    More information
    If you’d like to learn more or have different sub-netting needs, I found this page useful.

    I don’t ageee with that. 192.167.1.0/24 is everything in the 192.168.1.x range, nothing more nothing less. If it allows more than this is a massive flaw/security risk.

    If you want to allow your own subnet then just look at your subnet mask and use google to get the CIDR



  • I agree that /24 is 255.255.255.0 or 192.268.x.0 to 192.168.x.255

    That’s why these issues are making me crazy aka can’t figure them out.



  • FOUND A WAY TO RESOLVE THIS!

    Add

    cat /etc/modprobe.d/ipv6.conf 
    # Don't load ipv6 by default
    alias net-pf-10 off
    # uncommented
    alias ipv6 off
    # added
    options ipv6 disable_ipv6=1
    # this is needed for not loading ipv6 driver 
    blacklist ipv6
    

    to turn off all IPv6 on the Raspi.
    Than edit all the IPv6 out of your config file.

     },
            ipWhitelist: [
                    "192.168.0.92",
                    "192.168.0.1/24",
                    "127.0.0.1"
    
    

    I still have the .92 in there from testing. It is not needed.

    did a sudo reboot just for safe measure and now it all seems to be working as intended. No real idea what the actual issue was…but it is resolved. FINALLY! 🙂


  • Project Sponsor

    Maybe I have missed this from someone else, but one important thing about the whitelisting message:

    “This device is not allowed to access your mirror.
    Please check your config.js or config.js.sample to change this.”
    

    The EXACT SAME message appears (in my case) if the config.js has syntax errors. Locally your mirror will tell you that there is no config file or just give you a black screen, but if you try to reach it from outside through a browser (Firefox and Chrome in my case) with a broken config.js, you will get the whitelisting message above.

    So, before trying to get your ipWhitelist in the right shape, make sure you have no other syntax errors with the mirror, e.g. using

    npm run config:check
    

    If you had some and had them corrected, be safe and restart the mirror.
    Below you can see the example in my case.

    pi@magicmirror2:~ $ tail ~/.pm2/logs/mm-out-0.log
    No helper found for module: helloworld.
    All module helpers loaded.
    Starting server on port 8080 ...
    Server started ...
    Connecting socket for: updatenotification
    Sockets connected & modules started ...
    Launching application.
    Access denied to IP address: 66.249.93.64
    Access denied to IP address: 80.157.5.50
    Access denied to IP address: 80.157.5.50
    pi@magicmirror2:~ $ cd MagicMirror/
    pi@magicmirror2:~/MagicMirror $ npm run config:check
    
    > magicmirror@2.1.2 config:check /home/pi/MagicMirror
    > node tests/configs/check_config.js
    
    Checking file...  /home/pi/MagicMirror/config/config.js
    Line 260 col 9 Expected ']' to match '[' from line 26 and instead saw '{'.
    Line 261 col 16 Expected '}' to match '{' from line 11 and instead saw 'module'.
    Line 261 col 22 Missing semicolon.
    Line 261 col 16 Unrecoverable syntax error. (95% scanned).
    pi@magicmirror2:~/MagicMirror $ sudo nano config/config.js
    pi@magicmirror2:~/MagicMirror $ npm run config:check
    
    > magicmirror@2.1.2 config:check /home/pi/MagicMirror
    > node tests/configs/check_config.js
    
    Checking file...  /home/pi/MagicMirror/config/config.js
    Your configuration file don't containt syntax error :)
    pi@magicmirror2:~/MagicMirror $ pm2 restart mm
    Use --update-env to update environment variables
    [PM2] Applying action restartProcessId on app [mm](ids: 0)
    [PM2] [mm](0) ✓
    ┌──────────┬────┬──────┬─────┬────────┬─────────┬────────┬─────┬──────────┬──────┬──────────┐
    │ App name │ id │ mode │ pid │ status │ restart │ uptime │ cpu │ mem      │ user │ watching │
    ├──────────┼────┼──────┼─────┼────────┼─────────┼────────┼─────┼──────────┼──────┼──────────┤
    │ mm       │ 0  │ fork │ 901 │ online │ 6       │ 0s     │ 18% │ 2.3 MB   │ pi   │ disabled │
    └──────────┴────┴──────┴─────┴────────┴─────────┴────────┴─────┴──────────┴──────┴──────────┘
     Use `pm2 show ` to get more details about an app
    pi@magicmirror2:~/MagicMirror $
    
    


  • @mochman said in ipWhitelist HowTo:

    tail -f ~/.pm2/logs/mm-out-0.log

    Use pm2 show to get more details about an app
    pi@raspberry:~ $ tail -f ~/.pm2/logs/mm-out-0.log
    Initializing new module helper …
    Module helper loaded: MMM-OnScreenMenu
    No helper found for module: compliments.
    No helper found for module: MMM-PrayerTime.
    No helper found for module: MMM-Advent.
    Initializing new module helper …
    Module helper loaded: MMM-FRITZ-Box-Callmonitor
    No helper found for module: MMM-Callmonitor-Current-Call.
    No helper found for module: currentweather.
    No helper found for module: weatherforecast.

    no find out ipWhiteList



  • I just updated to the latest version of MM and am having White-list issues once again. I am using my exact same config.js file that was allowing any incoming connection. prior to the upgrade. I have attempted to debug but am not seeing any connection refusals in the mm-out-0.log. I have tried various fixes from posts on this forum, including disabling IPv6. I have confirmed my CIDR criteria using https://www.ipaddressguide.com/cidr#range attempting different variations to get anything to pass through with no luck.

    I use MMM-syslog as a notification system from various sources and am basically in the dark now. Is there anyone having similar issues with the latest version, any luck on how to fix?


  • Project Sponsor Module Developer

    @Oss

    Have you tried this at the beginning of your config?:

    var config = {
    	address: "0.0.0.0", 
    	port: 8080,
    	ipWhitelist: [],
    


  • @Mykle1

    My hats off to you Mykle1, made that change to my config file and its working perfectly!! Thank you so much for your quick reply!!


  • Project Sponsor Module Developer

    @Oss

    'Welcome, mate.

    Peace!