For software I am developing, I need to have a list of external IP addresses that Google App Engine uses for urlFetch requests. Getting a complete list is proving difficult.
The accepted wisdom as detailed on SO is to use the output from...
dig -t txt _netblocks.google.com
...but unfortunately this list is incomplete. For example, my urlFetch requests currently emerge from unlisted addresses:
US based App: 8.35.201.x
EU based App: 8.35.200.x
Is there any way to get an actively updated list of external IP addresses used by urlFetch?
The official advice is https://developers.google.com/appengine/kb/general#static-ip. Note that relying on Static IP addresses is bad, for all the reasons listed on that page.
So, the answer is:
dig txt _cloud-netblocks.googleusercontent.com +short
"v=spf1 include:_cloud-netblocks1.googleusercontent.com include:_cloud-netblocks2.googleusercontent.com include:_cloud-netblocks3.googleusercontent.com ?all"
Related
A couple of our clients want to know - looking at some posts about there is inconsistent information.
http://code.google.com/p/googleappengine/issues/detail?id=1144
The answer is "No", for now and long after.
of cz google support his service in china,
but not china gov.
appspot is blocked by a big firewall around china.
by the way, it works when Obama visitting china.
Based on tests I conducted it appears that App Engine itself is not blocked in China, but the appspot.com domain is. So if you can use your own domain then App Engine should work fine for you.
In fact, if you use yourapp.appsp0t.com (with a zero instead of an o) then it seems to work as well at the moment, although I would not really recommend relying on this work-around in the long run; it opens your app and your users to Man in the Middle (MITM) attacks from whoever runs appsp0t.com.
Here are some tools you can use to check availability and performance from China:
http://www.greatfirewallofchina.org/
http://www.websitepulse.com/help/testtools.china-test.html
http://www.dotcom-monitor.com/WebTools/website-speed-test.aspx
Not directly, since Google DNS server is blocked by 'Great Firewall', therefore one cannot reach myapp.appspot.com within China.
However, you can work around by setting up a reverse-proxy server, which redirects myapp.com to myapp.appspot.com.
What about using custom domain name?
This will get around the DNS resolution. But is the google IP address range allocated for appengine blocked by china? If so, you then you have to use the reverse proxy solution.
I'm working with a third party webservice who requires that all calls to their service are made from whitelisted IP addresses. That is, I must give them IP addresses from which I will be making calls to their service.
Problem is I'm using Google Appengine. Is there any way to get a static IP address when making outgoing http requests from Appengine? Failing that - is there a block of IP addresses that all requests will come from? I could get the entire bloc whitelisted. If this exists, how likely is it to change?
I know I could setup a simple Amazon EC2 instance to use as a proxy (will ask another question for how to do this specifically) but just wanted to make sure there was no other way.
I had the same problem a couple of weeks ago connecting via Urlfetch from Google App Engine to the Stack Exchange API (The team has promptly fixed the problem whitelisting all the GAE IPs).
The range of IP addresses that urlfetch connections may come from, can be found by performing the following DNS lookup:
dig -t TXT _netblocks.google.com #ns1.google.com
Last I checked this wasn't possible. You can get the current IP address dynamically, but it isn't predictable.
Please note: _netblocks.google.com is apparently not accurate. Currently I have noticed that GAE connects from addresses not listed when you dig _netblocks, for example from 8.35.201.166.
This range is not listed in _netblocks, _netblocks2 or _netblocks3.
Current dig output:
ip4:216.239.32.0/19
ip4:64.233.160.0/19
ip4:66.249.80.0/20
ip4:72.14.192.0/18
ip4:209.85.128.0/17
ip4:66.102.0.0/20
ip4:74.125.0.0/16
ip4:64.18.0.0/20
ip4:207.126.144.0/20
ip4:173.194.0.0/16
What environment-independent tools are available to detect new spam blogs or comments appearing on a hosting infrastructure?
As an occasional hosting provider, we want to watch for new blogs or comments which appear spammy, but avoid relying on plugins or modules in the CMS environment (because these are easy to circumvent, or expose only to Google).
A (pseudo) example would be to set up Google Alert for "viagra ip:10.0.0.1", where 10.0.0.1 is the front-facing IP of the servers. (Google doesn't offer such an advanced operator term though ...)
Seems I'm looking for a combination of Nagios + Google Alerts + ( ??? ) ... what does fill this space?
I would setup an hourly cronjob that wgets the entire website then greps the resulting files for whatever spam strings you're looking for an alerts on a hit. Let me know if you'd like me to hack up a quick example, or if thats not the direction you were thinking.
Here is what I'd like to achieve
http://foo.somedomain.com gets handled by
http://myapp.appspot.com/foo (google appengine app myapp)
and the underlying url is masked.
Note the following:
somedomain.com is a third party domain that would like to add foo.somedomain.com
mydomain.com would be CNAME'd to myapp.appspot.com
mydomain.com/foo would point to myapp.appspot.com/foo
other scenarios
can foo.mydomain.com be made to point to myapp.appsot.com/foo
can foo.somedomain.com point directly to myapp.appspot.com/foo
Added: myapp.appspot.com is developed using django w/ app-engine-patch
You can't do this in the way described. In order to do this, you need to:
CNAME foo.somedomain.com to ghs.google.com (not to myapp.appspot.com)
Set up Google Apps for your Domain on somedomain.com, if it's not already
Add the app 'myapp' to foo.somedomain.com through the Apps control panel
Once that's done, your app can check self.request.host to determine which hostname was sent, and route requests appropriately.
You can parse the sub-domain from the Host header, then call the webapp.RequestHandler appropriate for the path /[sub-domain], assuming *.yourdomain.com is directed to the Google App Engine application.
Have a look at webapp.WSGIApplication and see if there's a way to get the mapped webapp.RequestHandler for a path. Alternatively, you might be able to modify the request object to change the requested path (this I'm not sure about, however.)
This question was asked in one of the 2009 Google I/O app engine talks. Unfortunately the answer given was along the lines of not supported at this time but the possibilities of some workarounds may exist. 2009 Google I/O videos
I am developing a web app that will be hit frequently by mobile browsers. I am wondering if there is a way to get enough information from the browser request to lookup position data (triangulation or GPS) Not from the request directly, of course. A colleague suggested there some carriers supply a unique identifier in the request header that can be sent to a web service exposed by said provider that will return position data if the customer has enabled that. Can anyone point me in the right direction for this or any other method for gleaning position data, even very approximate. Obviously this is app candy, e.g. if the data is not available the app doesn't really care...
Or perhaps a web service by carrier that will provide triangulated data by IP?
Google has ClientLocation as part of their AJAX APIs. You'll need to load Google's AJAX API (requires an API key) and it'll try to resolve the user's location data for you.
I've got blackberry gps to javascript working OK in a GMaps mashup. Pretty simple, actually. http://www.saefern.org/tickets/test4.php -- help yrself to view source.
(I don't currently have a bb. A user emailed me with "... it seems to be polling every 15 seconds or so, so it keeps adding new locations ... ".)
I'm looking for javascript gps info on an iPhone equivalent. And Nokia, and ... .
Any information appreciated.
I have used this javascript library sucessfully:
http://code.google.com/p/geo-location-javascript/
The examples work great. The user will always be prompted to share their location--don't know a way to avoid that.
Use the source IP address to approximate a network location. No, you won't get latitude and longitude in an HTTP request from an iPhone. Not unless you write a 3rd party app and ask them to run it.
You might be better off just running a poll on your website.
I know that some providers in Japan have a tracking service for location of cellphones.
I also know that the information is not public. I think you need to have a very good reason before the provider gives that information free as it is in my opinion sensitive personal data. Of course they will give the information to police officers but not to the general public.