From user-return-6264-archive-asf-public=cust-asf.ponee.io@guacamole.apache.org  Thu May 30 18:46:10 2019
Return-Path: <user-return-6264-archive-asf-public=cust-asf.ponee.io@guacamole.apache.org>
X-Original-To: archive-asf-public@cust-asf.ponee.io
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [207.244.88.153])
	by mx-eu-01.ponee.io (Postfix) with SMTP id AFCFF180638
	for <archive-asf-public@cust-asf.ponee.io>; Thu, 30 May 2019 20:46:09 +0200 (CEST)
Received: (qmail 7382 invoked by uid 500); 30 May 2019 18:46:08 -0000
Mailing-List: contact user-help@guacamole.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:user-help@guacamole.apache.org>
List-Unsubscribe: <mailto:user-unsubscribe@guacamole.apache.org>
List-Post: <mailto:user@guacamole.apache.org>
List-Id: <user.guacamole.apache.org
Reply-To: user@guacamole.apache.org
Delivered-To: mailing list user@guacamole.apache.org
Received: (qmail 7373 invoked by uid 99); 30 May 2019 18:46:08 -0000
Received: from Unknown (HELO mailrelay1-lw-us.apache.org) (10.10.3.159)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 30 May 2019 18:46:08 +0000
Received: from mail-qk1-f178.google.com (mail-qk1-f178.google.com [209.85.222.178])
	by mailrelay1-lw-us.apache.org (ASF Mail Server at mailrelay1-lw-us.apache.org) with ESMTPSA id 44DC38A35
	for <user@guacamole.apache.org>; Thu, 30 May 2019 18:46:08 +0000 (UTC)
Received: by mail-qk1-f178.google.com with SMTP id c70so4548623qkg.7
        for <user@guacamole.apache.org>; Thu, 30 May 2019 11:46:08 -0700 (PDT)
X-Gm-Message-State: APjAAAWJk8egGlnTeIUS3Y+2Iip5qRL9JTBNGMbpngwFPGUsVqYDhVx4
	pEtYQaHQz+WlZuP6DvQm7poRjX9QOgm64x44K/14Yg==
X-Google-Smtp-Source: APXvYqzZXZh0iGypirhywSKCYFZ+6p9WbUl9gvk0/c0dx/xmBZlIC9fVQcTiMaq+fgC+BRBXq0N+uKeAQpYX/m0C4s8=
X-Received: by 2002:a37:6582:: with SMTP id z124mr4565418qkb.37.1559241967946;
 Thu, 30 May 2019 11:46:07 -0700 (PDT)
MIME-Version: 1.0
References: <BCBFC043-D7FC-45AF-B1D8-D617C2DC5AD0@gmail.com>
 <CAFX-c4uqMk7ujYpd+Vz8CjVWq6iad=nxCSKJLrmYiZmucCTSog@mail.gmail.com>
 <8415A7B0-29A8-4F2A-9CD2-281DADA58118@gmail.com> <D245AAA5-E4DD-4793-8340-7F4D4EB8C2AA@gmail.com>
 <0CE73D1D-E099-4FB5-BD37-93E028C95D35@gmail.com> <3E6132DA-7116-411E-B05F-8E052BF591BA@gmail.com>
 <1559232072370-0.post@n4.nabble.com> <CACKqNeVCfTRTASd99YP1WQF6OgxuWQp933R4fNaC0FmZ3Jh2fQ@mail.gmail.com>
 <CACKqNeXCFZXE0yBNTuj3P16gp1pa8pSYdSyAdsfn3keSUOE0Rg@mail.gmail.com>
In-Reply-To: <CACKqNeXCFZXE0yBNTuj3P16gp1pa8pSYdSyAdsfn3keSUOE0Rg@mail.gmail.com>
From: Mike Jumper <mjumper@apache.org>
Date: Thu, 30 May 2019 11:45:31 -0700
X-Gmail-Original-Message-ID: <CALKeL-OVRUEPZZuRdcc5F+FDVUMVanbuvXL3scP5YBTwpW+2dA@mail.gmail.com>
Message-ID: <CALKeL-OVRUEPZZuRdcc5F+FDVUMVanbuvXL3scP5YBTwpW+2dA@mail.gmail.com>
Subject: Re: Catch Guacamole session on Xrdp
To: user@guacamole.apache.org
Content-Type: multipart/alternative; boundary="0000000000009e6ea2058a1f4f7f"

--0000000000009e6ea2058a1f4f7f
Content-Type: text/plain; charset="UTF-8"

Manoj, please don't double-post.

To anyone accidentally finding this thread in the archives, the original
thread is here:

https://lists.apache.org/thread.html/546e78b2ef584870244ef3cb00d6bc9bb202298e023230df5d45b3b8@%3Cuser.guacamole.apache.org%3E

On Thu, May 30, 2019 at 10:34 AM Manoj Patil <manoj2patil@gmail.com> wrote:

> In last conversations mike jumper says this will happen with tomcat apache
> with valve setting and some settings required in nginix .
>
> But I done settings but this will not work
>
> On Thu, 30 May 2019, 22:57 Manoj Patil <manoj2patil@gmail.com wrote:
>
>> I am not understanding this .
>> It is not possible through guacamole
>>
>> On Thu, 30 May 2019, 21:31 sciUser <shulbert@securitycentric.net wrote:
>>
>>> Hello,
>>>
>>> The LAN (local area network) is an isolated network generally made up of
>>> private IP addresses (Private IPs are non public access IPs).
>>>
>>> Example: User TOM is from Site A making a connection in to Site B using
>>> Guacamole, Site B will only see the gateway IP address or static Pool IP
>>> address of Site A.  Even though TOM's IP is 192.168.99.20 on his LAN
>>> segment
>>> and Site A gateway IP 203.10.190.2 so Site B will only see 203.10.190.2
>>> unless its NAT Pool then it would see the NAT POOL IP addresses which are
>>> public IPs.
>>>
>>> Where this isn't true; is if you break RFC, don't break RFC, RFC is
>>> there to
>>> protect you RFC is a good policy.
>>>
>>> Now what I think you want is not the LAN IP address but the connection
>>> IP of
>>> the client.
>>> This is easy, write a bash scrip that has the following logic.
>>>
>>> LOGIC:
>>>
>>> If new connection is detected on port XXXX then log to file/database or
>>> do
>>> something.
>>> You can wrap this with tcpdump and make tcpdump listen only to the port
>>> event, then log that event to the file/database.
>>> Or you parse the Catalina logs (Little more work in coding).
>>>
>>> We have a complete provisioning system with API call back server that
>>> controls Guacamole, we use the API server to log the connection requests.
>>>
>>>
>>> Hope this helps.
>>>
>>> Thank You
>>>
>>>
>>>
>>>
>>>
>>> -----
>>> A Cybersecurity Enablement Company
>>> We don't just run you through the motions, Our labs teach you how to
>>> think!
>>>
>>> --
>>> Sent from:
>>> http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
>>> For additional commands, e-mail: user-help@guacamole.apache.org
>>>
>>>

--0000000000009e6ea2058a1f4f7f
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div dir=3D"ltr">Manoj, please don&#39;t double-post.<br><=
br>To anyone accidentally finding this thread in the archives, the original=
 thread is here:<br><br><a href=3D"https://lists.apache.org/thread.html/546=
e78b2ef584870244ef3cb00d6bc9bb202298e023230df5d45b3b8@%3Cuser.guacamole.apa=
che.org%3E" target=3D"_blank">https://lists.apache.org/thread.html/546e78b2=
ef584870244ef3cb00d6bc9bb202298e023230df5d45b3b8@%3Cuser.guacamole.apache.o=
rg%3E</a><br></div><br><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D=
"gmail_attr">On Thu, May 30, 2019 at 10:34 AM Manoj Patil &lt;<a href=3D"ma=
ilto:manoj2patil@gmail.com" target=3D"_blank">manoj2patil@gmail.com</a>&gt;=
 wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px =
0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir=
=3D"auto">In last conversations mike jumper says this will happen with tomc=
at apache with valve setting and some settings required in nginix .<div dir=
=3D"auto"><br></div><div dir=3D"auto">But I done settings but this will not=
 work</div></div><br><div class=3D"gmail_quote"><div dir=3D"ltr">On Thu, 30=
 May 2019, 22:57 Manoj Patil &lt;<a href=3D"mailto:manoj2patil@gmail.com" t=
arget=3D"_blank">manoj2patil@gmail.com</a> wrote:<br></div><blockquote clas=
s=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid r=
gb(204,204,204);padding-left:1ex"><div dir=3D"auto">I am not understanding =
this .<div dir=3D"auto">It is not possible through guacamole</div></div><br=
><div class=3D"gmail_quote"><div dir=3D"ltr">On Thu, 30 May 2019, 21:31 sci=
User &lt;<a href=3D"mailto:shulbert@securitycentric.net" rel=3D"noreferrer"=
 target=3D"_blank">shulbert@securitycentric.net</a> wrote:<br></div><blockq=
uote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1p=
x solid rgb(204,204,204);padding-left:1ex">Hello,<br>
<br>
The LAN (local area network) is an isolated network generally made up of<br=
>
private IP addresses (Private IPs are non public access IPs).<br>
<br>
Example: User TOM is from Site A making a connection in to Site B using<br>
Guacamole, Site B will only see the gateway IP address or static Pool IP<br=
>
address of Site A.=C2=A0 Even though TOM&#39;s IP is 192.168.99.20 on his L=
AN segment<br>
and Site A gateway IP 203.10.190.2 so Site B will only see 203.10.190.2<br>
unless its NAT Pool then it would see the NAT POOL IP addresses which are<b=
r>
public IPs.<br>
<br>
Where this isn&#39;t true; is if you break RFC, don&#39;t break RFC, RFC is=
 there to<br>
protect you RFC is a good policy.<br>
<br>
Now what I think you want is not the LAN IP address but the connection IP o=
f<br>
the client.<br>
This is easy, write a bash scrip that has the following logic.<br>
<br>
LOGIC:<br>
<br>
If new connection is detected on port XXXX then log to file/database or do<=
br>
something.<br>
You can wrap this with tcpdump and make tcpdump listen only to the port<br>
event, then log that event to the file/database.<br>
Or you parse the Catalina logs (Little more work in coding).<br>
<br>
We have a complete provisioning system with API call back server that<br>
controls Guacamole, we use the API server to log the connection requests.<b=
r>
<br>
<br>
Hope this helps.<br>
<br>
Thank You<br>
<br>
<br>
<br>
<br>
<br>
-----<br>
A Cybersecurity Enablement Company <br>
We don&#39;t just run you through the motions, Our labs teach you how to th=
ink!<br>
<br>
--<br>
Sent from: <a href=3D"http://apache-guacamole-general-user-mailing-list.236=
3388.n4.nabble.com/" rel=3D"noreferrer noreferrer noreferrer" target=3D"_bl=
ank">http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.co=
m/</a><br>
<br>
---------------------------------------------------------------------<br>
To unsubscribe, e-mail: <a href=3D"mailto:user-unsubscribe@guacamole.apache=
.org" rel=3D"noreferrer noreferrer" target=3D"_blank">user-unsubscribe@guac=
amole.apache.org</a><br>
For additional commands, e-mail: <a href=3D"mailto:user-help@guacamole.apac=
he.org" rel=3D"noreferrer noreferrer" target=3D"_blank">user-help@guacamole=
.apache.org</a><br>
<br>
</blockquote></div>
</blockquote></div>
</blockquote></div></div>

--0000000000009e6ea2058a1f4f7f--