Separate LAN & WAN

[Jose]

I would like to add some folders to HFS that can only be accessible via the LAN-IP (192.168.2.x) and are not accessible (or even better: not visible) to users outside the local network.

Is that possible?

[Foggy]

The only way to do that without an ip filter for the folder is to use user accounts, simply create a user account that has access to the folder and only share its user/pass with who ever is on the lan.

Edit: Tsg or Rejetto you should probably split this into 2 topics.

[Jose]

How can I set that filter in HFS, I didn't find a menu option in expert mode.
I just thought it would be nice to seperate LAN & WAN, for example I would like to give access to all LAN users in a hall of residence (students residence) without creating user accounts & password, because I may trust those LAN users ...

[Foggy]

you cant

Currently the only ip filter available is for access to the server in general that is why I suggested the user accounts. Although rejetto might consider adding per folder ip filters in the future.

[rejetto]

This sounds like an interesting feature.
It will probably be available in few days in version 2.3 beta.

[bacter]

If rejetto considers treatment to distinguish lan and wan, I would by the way suggest two options more:

1. Consider lan-traffic in speed-data (on/off): so if set to off, the speed-traffic image shows only wan traffic (which actualy disappers allmost if you have a lan-access with some MBytes/s).

2. Consider lan-traffic as download (on/off): avoids to increase download-counters with frecuent lan-access.

naturally, all done with a lanmask like 192.168.10.* or something like that, or even defining an lan-address range  192.168.1.2... 9, to distinguish perhaps wlan-dhcp range 192.168.1.20 upwards count as download.

[rejetto]

your FR is now in the to-do-list bacter,
but that will actully require a change in the HTTP engine of HFS.

[bacter]

Thanks rejetto for adding this to TO-DO.

But by the way I would also suggest some other, very related thing. Graphs and exhaustive speed are most interesting only for the admin of the server.

But it would be nice to be able indicating to the visitor in some way the serverload, so he could know aproximately at which speed or in what time he could download a (big) file.
We have now the value %speed-out%, but thes value is almost useless because of the spikes of downloadspeed.
If you could use the wan-traffic in specific intervals (30..300 secs) to get a middled value for download speed. So on each server, knowing the upload speed of our wan-access, we could show serverload ond/or possible download speed that visitor may expect at this moment.

new: -> %traffic-out% = wan(out)traffic in interval x / x

This would only be necessary for outgoing traffic, as asimetry of wan conections leaves the bottleneck only on upload to wan.

[rejetto]

inside HFS we already have the speed and the ETA calculated over 5 seconds.
isn't it wide enough to amortize the "spikes" ?
i may just make this info available.

[bacter]

The 5 second interval is not enough to show real server load.

Think of users that browse through the folders with some images, or that only download a file of a few MBytes. That will last more than 5 sec, so using outgoing speed may be full bandwith during this interval, even if there is really bandwidth available to serve other useres.

But don't waste your valuable time at this at the moment thinking about this, because there's no simple and usefull solution.

Even using a greater interval the value may not be usefull in the case of more users conected, as there is no way to know what users are doing:
I can have 3 users only browsing (generating less traffic than bandwith allows in 5 minutes). So we would have good value for available bandwidth, but:

Depending of the moment when we pick the value, they appear as 0..3 downloading users! If one of them (or a forth user) is really downloading for more time, all values get useless, not because the full bandwith is used, but because of the number of simultaneous download-users: There is no way to know with how much people we really have to share the bandwith, so any number would be useless to predict the available download-speed dividing the value using the number of downloading users (1+ (0..3 ?)).

Only more graphs which shows users conected/downloading over time could give more acurrate information. But that's exactly what I want to avoid: graph's and kbp/s are for techies, and i wanted a simple semaphore-like style (green, yellow, red) and/or an simple indicator (1 Mbyte download will last about 25 sec..) for non-techies.

Thank you.

[rejetto]

if you don't update your "semaphore", the red situation may come just few seconds after its loading, and you will give a bad information to the user.

you should aim at a refreshing thing, like using AHAH.

[bacter]

Even with AHAH it'seems difficult to decide what to show. So i decided that users have to estimate based on their experience how download will work, when there are n users conected and m downloading. If there will be to much bottlenecks, best is to upgrade bandwidth with ISP and forget semaphore-like things.