From 127bf0cbc2ba0cc6c32a0663bcf833368e44a52c Mon Sep 17 00:00:00 2001 From: Oliver Jowett Date: Sat, 6 Dec 2014 22:23:13 +0000 Subject: [PATCH] Lock down the default config - no remote connections, no HTTP server. The user can reconfigure if they want a more open setup. Add Suggests: lighttpd and recommend that as the way to run the map interface. --- debian/control | 4 +--- debian/dump1090-mutability.default | 11 +++++++++-- debian/dump1090-mutability.init | 4 ++-- 3 files changed, 12 insertions(+), 7 deletions(-) diff --git a/debian/control b/debian/control index 0e44536..aebccd7 100644 --- a/debian/control +++ b/debian/control @@ -10,12 +10,10 @@ Vcs-Git: https://github.com/mutability/dump1090.git Package: dump1090-mutability Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, adduser +Suggests: lighttpd Description: ADS-B Ground Station System for RTL-SDR Networked Aviation Mode S / ADS-B decoder/translator with RTL-SDR software defined radio USB device support. . - Includes a mini-webserver that you can access to see aircraft in the vicinity - of your receiver. - . This is a packaging of the "mutability" fork of dump1090 that includes sampling at 2.4MHz and other improvements. diff --git a/debian/dump1090-mutability.default b/debian/dump1090-mutability.default index 6f10d61..1172921 100644 --- a/debian/dump1090-mutability.default +++ b/debian/dump1090-mutability.default @@ -59,7 +59,12 @@ DUMP1090_USER="dump1090" # # Port to listen on for HTTP connections. 0 disables. -#HTTP_PORT=8080 +# HTTP defaults to being disabled unless you specify something here. I +# that you do not enable this, and instead serve the contents of +# /usr/share/dump1090-mutability and JSON_DIR (below) using a proper +# webserver. See /etc/lighttpd/conf-available/90-dump1090.conf +# for an example configuration ("sudo lighty-enable-mod dump1090" to enable) +#HTTP_PORT=0 # Port to listen on for raw (AVR-format) input connections. 0 disables. #RAW_INPUT_PORT=30001 @@ -89,7 +94,9 @@ DUMP1090_USER="dump1090" #NET_BUFFER=0 # Bind ports on a particular address. If unset, binds to all interfaces. -#BIND_ADDRESS= +# This defaults to binding to localhost. If you need to allow remote +# connections, change this. +#BIND_ADDRESS=127.0.0.1 # # Misc options diff --git a/debian/dump1090-mutability.init b/debian/dump1090-mutability.init index 1334ead..c755b2a 100644 --- a/debian/dump1090-mutability.init +++ b/debian/dump1090-mutability.init @@ -38,7 +38,7 @@ PHASE_ENHANCE=no AGGRESSIVE=no LAT= LON= -HTTP_PORT=8080 +HTTP_PORT=0 RAW_INPUT_PORT=30001 RAW_OUTPUT_PORT=30002 SBS_OUTPUT_PORT=30003 @@ -48,7 +48,7 @@ NET_HEARTBEAT=60 NET_OUTPUT_SIZE=5 NET_OUTPUT_INTERVAL=1 NET_BUFFER=0 -BIND_ADDRESS= +BIND_ADDRESS=127.0.0.1 STATS_INTERVAL=3600 JSON_DIR=/run/$NAME JSON_INTERVAL=1