防火墙阻止了Go开发服务器。

huangapple go评论129阅读模式
英文:

Firewall blocks Go development server

问题

我正在使用Beego框架开发一个Go的API。当我保存文件时,Beego框架会重新启动Go开发服务器,并更新所有内容。

在我的Mac上唯一的问题是,当二进制文件(Go服务器文件)重新构建并重新启动时,我的防火墙会询问是否允许该二进制文件接受传入的网络连接。

我已经进行了一些关于给二进制文件签名等方面的研究,但没有什么帮助,因为每次我修改文件时二进制文件都会重新构建(因此Go开发服务器会重新启动)。

有没有人知道如何在不关闭防火墙的情况下忽略这个弹出窗口的解决方案?

英文:

I'm developing an API in Go with the Beego framework. When I save one of my files, the Go development server restarted by the Beego framework (as usual) and everything is updated.

The only problem on my Mac appears when the binary file (Go server file) is rebuilt and restarted my firewall asks permission to allow the binary file to accept incoming network connection.

I did some research about signing the binary file etc. but nothing helps because the binary is rebuilt after every change in one of my files (so the Go development server restarted)

Does anyone knows a solution to ignore the popup without turning off my firewall?

答案1

得分: 36

根据你的情况,让你的Go程序只在本地主机(127.0.0.1)上监听可能会更容易。这样,程序就不需要请求防火墙穿越,并且你也不会收到该消息。

在Go中,可以这样写:

log.Fatal(http.ListenAndServe("127.0.0.1:8080", router))

而不是:

log.Fatal(http.ListenAndServe(":8080", router))

然后,在构建生产版本之前,你可以添加一个构建或环境变量来禁用仅限本地主机的设置。

英文:

Depending on your situation it may actually be easier to let your go program only listen on localhost (127.0.0.1). This way the program won't need to ask for firewall traversal, and you won't get the message.

In Go that is something like:

log.Fatal(http.ListenAndServe("127.0.0.1:8080", router))

instead of:

log.Fatal(http.ListenAndServe(":8080", router))

You can then add something like a build or env variable to disable the localhost-only thing before you build it for production.

答案2

得分: 3

如果你知道你的Go程序正在监听的TCP/IP端口,你可以在防火墙中打开该端口。

类似这样的命令:

sudo ipfw add 8080 allow tcp from any to any dst-port 8080

应该可以解决问题,但最好先阅读一些关于OSX防火墙的资料。这个讨论看起来很有希望。

编辑:从OSX 10.8开始,ipfw已被弃用(但仍然可用)。现在应该使用pfctl。有一个名为“IceFloor”的GUI工具可用于配置它。

ipfw文档

英文:

If you know what TCP/IP port your Go program is listening on, you can open up the port in the firewall.

Something like:

sudo ipfw add 8080 allow tcp from any to any dst-port 8080

should do the trick, but it's probably worth doing some reading on the OSX firewall. This discussion looks promising.

EDIT: As of OSX 10.8 ipfw is deprecated (it still works though). You should now use pfctl. There's a GUI for configuring it called "IceFloor".

ipfw documentation

huangapple
  • 本文由 发表于 2013年9月24日 18:07:06
  • 转载请务必保留本文链接:https://go.coder-hub.com/18978622.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定