I want to apply network access control for Node-Red flows. For example, TCP node clearly express its network access through host and port properties. However, not all nodes express their network IP/Port. For example, "wiotp out", "twitter", "Websocket".
What is the best way to figure out exactly what access control does flow need?
Which part of the source code handle node network access requirement?
Thank you
You can google what ports a websocket uses.
For the twitter node either look at the source code or at Twitter's API docs.
That's my last option. Looking for what IP/port each node is using outside Node-red seems not efficient solution.
I want to automate access control by extracting from node-red flow what network IP/port nodes require. I am thinking of reusing or accessing any prepossessed file that reveals nodes that need network access in Node-red.
There are OS tools that will let you see what process is using what ports and endpoints.
If the help information isn't clear for a specific node, I would suggest contacting the author and helping them update their documentation.
I don't think there is any way of extracting that information from the flow, since the information is not included in the flow. Anyone can develop a node that accesses any port they like, and there is no way of reliably knowing by examining the flow what that port might be. Even examining all the installed nodes would not reliably tell you as the port used might not be obvious from the code. It can also come from system environment variables so you would have to know which environment variables to look at, and they might be different from one run to the next.
I think I get what I was looking for.
There is a activeNodes object (in node-red/red/runtime/nodes/flows/flows.js) contains nodes with more details about network connections.
Copyright OpenJS Foundation and Node-RED contributors. All rights reserved. The OpenJS Foundation has registered trademarks and uses trademarks. For a list of trademarks of the OpenJS Foundation, please see our Trademark Policy and Trademark List. Trademarks and logos not indicated on the list of OpenJS Foundation trademarks are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
The OpenJS Foundation | Terms of Use | Privacy Policy | OpenJS Foundation Bylaws | Trademark Policy | Trademark List | Cookie Policy