node.js – Is there a serverless platform that allows requests from any hostname?

I have an endpoint (built with Node.js and Express) that returns different results based on the request’s hostname and I’m looking for a platform to host it. Ideally it would scale up automatically and down to 0 if no requests are made in a similarly to AWS lambda functions and GCP Cloud Run. Note that this run just fine locally and on GCP Compute Engine.

As I’m more familiar with GCP, I checked with Cloud Run and Cloud Functions. For Cloud Run you have to specify and verify the allowed domains that call the function. Cloud functions do no provide such functionality neither.

Since TLS/SSL certificates depend on the hostname I understand that I have to sacrifice having managed HTTPS and have automatic issuance of certificates but that’s fine.

Is there an serverless AWS product or something else that allows requests from any hostname? Maybe this is possible with Cloudflare workers?

best practice for PUT requests in REST API

What’s the best practice around updating information received from the request?

  1. Update all the columns with the values received in the request object? What if there are columns that should be updated when posted by admin and not by the regular user? We have a lot of such situations.

  2. Should the backend check what attributes are getting a different value from what is saved in the DB?

P.S: We are using Dynamo and AWS API gateway and this is a serverless application

kubernetes – Zookeeper-shell is Returning null for broker requests

Background

On my Kubernetes cluster, I have installed Zookeeper & Kafka using Confluent Operator. I have confirmed that they are configured properly by creating and publishing to a Kafka topic.

Problem

When I use the zookeeper-shell, the command:
get /brokers/ids returns null, while I’m expecting something like (0, 1, 2)

Details

I am using the zookeeper-shell from within the Kubernetes cluster, and am connecting without difficulty with the following command:
~/bin/zookeeper-shell zookeeper:2181

The following commands output the correct (non-null) response: get /zookeeper/config, get /cluster/id

But the following commands return null: get /brokers/ids, get /brokers/topics

More Info

The fact that I know the brokers are working makes this strange. It could be a security issue, but it seems strange that the other requests would work in that case. Finally, Confluent Control Center is directly telling me that broker.id 1 is the controller, which implies that this data is somehow retrievable. Any help here would be appreciated. Thank you.

python – How to reproduce a TCP stream via HTTP requests

Suppose a conjuncture where is needed to pass a normal TCP/IP traffic through a HTTP server, like the below scheme:

Client <> SOCKS5 proxy <> HTTP server <> Remote

First, the client connection to remote will be go through a SOCKS5 proxy. Then, the SOCKS5 proxy will be responsible for converting the ongoing data in a HTTP request to another server. Finally, the HTTP server sends the data to the remote server and spits the response, simulating a TCP stream.

For example:

Client → localhost:8080 (SOCKS5 server):

domain test.com.br

localhost:8080 → localhost:8081 (HTTP server):

GET /?target=0:whois.registro.br:43:domain+test.com HTTP/1.1
Host: localhost:8081
Accept: */*
Connection: close

Then, the HTTP server will send domain test.com.br to whois.registro.br:43 and pass the response the way back until the client.

I’ve already written the SOCKS and HTTP server algorithms in Python:

#!/usr/bin/env python3
# socks_server.py

import logging
import socket
import struct
from threading import Thread
from queue import Queue
from time import sleep
from socketserver import ThreadingMixIn, TCPServer, StreamRequestHandler
from base64 import urlsafe_b64encode, b64decode

SOCKS_VERSION = 5

TUNNEL_ADDR = '0.0.0.0'             # http server IP address
TUNNEL_PORT = 8080                  # http server port
TUNNEL_HOST = 'localhost:8080'      # http server 'Host' header

class ListenThread(Thread):
    q_w:Queue                       # worker queue
    client:socket                   # client socket

    def __init__(self, client, args=(), kwargs=None):
        Thread.__init__(self, args=(), kwargs=None)
        self.q_w = Queue()
        self.daemon = True

        self.client = client

    def run(self):
        while True:
            res = self.client.recv(4096)
            self.q_w.put(res)


class ThreadedTCPServer(ThreadingMixIn, TCPServer):
    allow_reuse_address = True
    pass

class SocksProxy(StreamRequestHandler):
    remote_addr:str
    remote_port:int

    def handle(self):
        logging.info('Accepting from %s:%s' % self.client_address)

        header = self.connection.recv(2)
        version, nmethods = struct.unpack('!BB', header)

        assert version == SOCKS_VERSION
        assert nmethods > 0

        methods = self.get_available_methods(nmethods)

        # no auth
        if 0 not in set(methods):
            self.server.close_request(self.request)
            return

        # welcome msg
        self.connection.sendall(struct.pack('!BB', SOCKS_VERSION, 0))

        version, cmd, _, address_type = struct.unpack('!BBBB', self.connection.recv(4))
        assert version == SOCKS_VERSION

        if address_type == 1:
            self.remote_addr = socket.inet_ntoa(self.connection.recv(4))
        elif address_type == 3:
            domain_length = self.connection.recv(1)(0)
            self.remote_addr = self.connection.recv(domain_length)
            self.remote_addr = socket.gethostbyname(self.remote_addr)

        self.remote_port = struct.unpack('!H', self.connection.recv(2))(0)

        try:
            if cmd == 1:
                pass
            else:
                self.server.close_request(self.request)

            addr = struct.unpack('!I', socket.inet_aton(self.remote_addr))(0)
            port = self.remote_port
            reply = struct.pack('!BBBBIH', SOCKS_VERSION, 0, 0, 1, addr, port)

        except:
            reply = self.generate_failed_reply(address_type, SOCKS_VERSION)

        self.connection.sendall(reply)

        # data exchange
        if reply(1) == 0 and cmd == 1:
            self.exchange_loop(self.connection)

        self.server.close_request(self.request)
        


    def get_available_methods(self, n):
        return ( ord(self.connection.recv(1)) for i in range(n) )
    
    def generate_failed_reply(self):
        return struck.pack('!BBBBIH', SOCKS_VERSION, error_number, 0, address_type, 0, 0)

    # relevant part here
    def exchange_loop(self, client):

        packetnum = 0

        while True:

            # reads from client
            req = b''
            while True:
                chunk = client.recv(4096)
                req += chunk

                if len(chunk) < 4096:
                    break

            segments = (
                str(packetnum).encode(),
                self.remote_addr.encode(),
                str(self.remote_port).encode(),
                req
            )

            segments = ( urlsafe_b64encode(s).decode() for s in segments )
            segments = ':'.join(segments)

            data = 'GET /?target=%s HTTP/1.1rn' % segments
            data += 'Host: %srn' % TUNNEL_HOST
            data += 'Accept: */*rn'
            data += 'Connection: closernrn'

            print('>> ' + repr(data))

            # connects to the HTTP server and send request
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
            s.connect((TUNNEL_ADDR, TUNNEL_PORT))
            s.sendall(data.encode())

            res = b''
            while True:
                chunk = s.recv(4096, socket.MSG_WAITALL)
                res += chunk

                if len(chunk) < 4096:
                    break

            s.close()

            print('<< ' + repr(res))

            if res.decode().find('HTTP') != 0:
                raise Exception('not a HTTP response')

            # finally, retrieves response to client
            res = res.decode().split('rnrn', 1)(1)
            res = b64decode(res)

            print(res)

            if client.send(res) <= 0:
                break

            packetnum += 1

if __name__ == '__main__':
    with ThreadedTCPServer(('0.0.0.0', 9011), SocksProxy) as server:
        server.serve_forever()

The HTTP server spawns a thread for each new connection, then append it to a dict for being reused. In our purpose, the proxy must be able to send and receive more than one packet per connection.

#!/usr/bin/env python3
# http_server.py

from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib import parse
from base64 import urlsafe_b64decode, b64encode
from queue import Queue

import threading
import socket

class SocketThread(threading.Thread):
    socket.socket       # socket to remote server    
    q_m:Queue           # main queue (worker -> main)
    q_w:Queue           # worker queue (main -> worker)

    addr:str            # remote ip address
    port:int            # remote port

    def __init__(self, queue, args=(), kwargs=None):
        threading.Thread.__init__(self, args=(), kwargs=None)
        self.q_m = queue
        self.q_w = Queue()
        self.daemon = True
        
        (self.addr, self.port, self.r) = args

    def run(self):
        print(threading.current_thread().getName())
        
        self.socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.socket.connect((self.addr, self.port))
        
        while True:
            try:
                val = self.q_w.get()

                bc = self.socket.sendall(val if isinstance(val, bytes) else val.encode())
                print(f'{bc} bytes sent to {self.addr}:{self.port}')

                ret = b''
                while True:
                    chunk = self.socket.recv(4096, socket.MSG_WAITALL)
                    ret += chunk

                    if len(chunk) < 4096:
                        break
                    
                ret = b64encode(ret)
                print('Got response!')

                self.r.push_packet(ret)
                self.q_m.put(ret)

            except:
                self.q_m.put('CONN_CLOSE')
                raise
                break


class Handler(BaseHTTPRequestHandler):
    protocol_version = 'HTTP/1.1'
    connections:dict = {}   # dict containg socket threads

    def __init__(self, *args, **kwargs):
        super(BaseHTTPRequestHandler, self).__init__(*args, **kwargs)

    def do_GET(self):
        self.send_response(200)
        self.send_header('Content-type', 'text/plain')

        try:
            parsed_uri = parse.urlsplit(self.path)
            query = dict(parse.parse_qsl(parsed_uri.query))

            segments = query('target').split(':')
            segments = ( urlsafe_b64decode(s) for s in segments )

            assert len(segments) == 4

            self.packetnum = int(segments(0) or 0)
            self.port = int(segments(2) or 0)
            self.addr = segments(1)
            self.data = segments(3)

            assert self.addr != None
            assert self.port != 0

            if self.packetnum == 0 or self.data:
                conn_name = '%s:%d' % (self.addr, self.port)
                if not self.connections.get(conn_name):
                    print('New connection, spawning new thread...')
                    q = Queue()
                    self.connections(conn_name) = SocketThread(q, args=(self.addr, self.port, self.r))
                    self.connections(conn_name).start()
                else:
                    print('Reusing thread')

                print(f'name: {conn_name}')
                self.connections(conn_name).q_w.put(self.data)

                ret = self.connections(conn_name).q_m.get()

                if ret == 'CONN_CLOSE':
                    print(ret)
                    self.connections(conn_name) = None
                    return

                print(repr(ret))
                self.send_header('Content-length', len(ret))
                self.end_headers()
                self.wfile.write(ret)

        except KeyError:
            self.end_headers()
            raise


def main():
    server = HTTPServer(('0.0.0.0', 8080), Handler)
    server.serve_forever()

if __name__ == '__main__':
    main()

This, however, doesn’t seem to be working. The SOCKS server suddenly blocks at some points, and I couldn’t yet figure out how to handle connection close. Could someone give me a hand to put it working?

windows 10 – PC will not automatically turn off screen or go to sleep. “powercfg /requests” shows nothing

I realize this probably has been asked before but I’ve tried everything in this thread and still nothing has worked: Why won’t my computer go to sleep automatically?

Summary: PC is no longer going to sleep automatically or even turning off the monitor. I can manually put it to sleep and awake it with no issues. I currently have it set to sleep after 1 minute for testing.

Running Win 10 Enterprise x64

Things I’ve tried:

  • Removed all peripherals, mouse, keyboard
  • Closed all applications
  • Windows fully updated
  • Disabled wake timers
  • Checked power plan and disabled all “keep pc awake” settings; disabled hybrid sleep, enabled allow computer to sleep with media
  • Checked device manager and made sure nothing can wake PC.
  • Checked Task Scheduler for running tasks and ended them
  • I use Plex Media Server, but I’ve tested shutting down the service.

cmd powercfg /requests or /waketimers shows nothing: https://imgur.com/a/XsMb0FD

Only recent changes to my PC have been adding a Gigabyte RTX 3070 GPU and I added a new monitor so now I have two.

I feel like I’ve tried everything I could find on google so now I’m trying here. Thanks in advance to anyone reading this.

web application – Should I strip the “Origin” header from client requests?

I’m trying to setup an nginx reverse proxy to a web product I can’t modify (it’s an appliance).

Client –> https://myapp.com –> nginx –> https://10.1.5.9

I managed to do so, but it required stripping the “Origin” and “Referer” headers from the client request because the web server won’t accept authentications if those headers aren’t “https://10.1.5.9” (and the client browser automatically sets them to “https://myapp.com”).

I don’t fully understand CORS and the “Origin” header. Is it a bad idea to strip this header from client requests? Could it expose my app to security vulnerabilities?

php – Suspicious HTTP Requests in my logs

I’m running a php application with a user management system called userspice. It basically allows you to include the userspice php file and then control access to a certain php page.

As i seen some spikes in my log management about 404 Requests i was getting curious and decided to look at the apache logs directly.

I found couple of suspicious HTTP requests in my access.log There are POST and GET Requests, coming from a russian IP:

45.146.165.157 - - (24/Mar/2021:13:59:19 +0100) "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 302 30929 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
45.146.165.157 - - (24/Mar/2021:13:59:19 +0100) "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars(0)=md5&vars(1)()=HelloThinkPHP21 HTTP/1.1" 302 31045 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
45.146.165.157 - - (24/Mar/2021:13:59:20 +0100) "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 3660 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
45.146.165.157 - - (24/Mar/2021:13:59:20 +0100) "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 3660 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
45.146.165.157 - - (24/Mar/2021:13:59:21 +0100) "POST /api/jsonws/invoke HTTP/1.1" 404 3660 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
45.146.165.157 - - (24/Mar/2021:13:59:22 +0100) "POST /mifs/.;/services/LogService HTTP/1.1" 404 3660 "https://194.191.321.193:443" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
45.146.165.157 - - (24/Mar/2021:13:59:23 +0100) "GET /console/ HTTP/1.1" 404 3660 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
45.146.165.157 - - (24/Mar/2021:13:59:27 +0100) "GET /_ignition/execute-solution HTTP/1.1" 404 3660 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
45.146.165.157 - - (24/Mar/2021:13:59:28 +0100) "GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1" 404 3660 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
45.146.165.157 - - (24/Mar/2021:13:59:28 +0100) "GET /users/login.php?dest=index.php&redirect=https%3A%2F%2F194.191.321.193%3A443%2Findex.php%3Fs%3D%2FIndex%2F%5Cthink%5Capp%2Finvokefunction%26function%3Dcall_user_func_array%26vars%5B0%5D%3Dmd5%26vars%5B1%5D%5B%5D%3DHelloThinkPHP21 HTTP/1.1" 200 10621 "https://194.191.321.193:443/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars(0)=md5&vars(1)()=HelloThinkPHP21" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
45.146.165.157 - - (24/Mar/2021:13:59:29 +0100) "GET /users/login.php?dest=index.php&redirect=https%3A%2F%2F194.191.321.193%3A443%2F%3FXDEBUG_SESSION_START%3Dphpstorm HTTP/1.1" 200 10577 "https://194.191.321.193:443/?XDEBUG_SESSION_START=phpstorm" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
45.146.165.157 - - (24/Mar/2021:13:59:29 +0100) "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 404 3660 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"

(I changed the last two blocks of the redirecting ip starting with 194xxxxx to hide my service/website, the datadog line is )

These seem to me like somebody wants to run their own php code on my website and probably get a reverse connection out of this. Most of the requests didn’t go through, code 404, but I’m still wondering what’s behind it.

I tried the Requests out myself and didn’t get much of an output just redirects to the index site…

Maybe someone knows what’s going on?

Thanks for your help, just tell me if you need more information.

ubuntu – PiVPN installation prevents hosted DNS from receiving requests

I had a working setup running PiHole and Unbound as the upstream DNS. I had UFW set up, such that only my home IP could make requests to PiHole (ie. only my home IP packets will be accepted on port 53). This setup worked.

After installing PiVPN (Wireguard), devices on my home network can no longer resolve DNS queries. This is confirmed by the PiHole log not showing any queries being requested. TCPDump shows that these packets are getting to the server however.

Unbound listens on 5353. PiHole listens on 53. Apache is also running on this server on 80 and 443. I use UFW as my firewall.

I have attempted to do ufw allow 53 to allow all traffic to PiHole, that did not fix the issue and neither did ufw disable. I attempted to remove DNSMASQ_LISTENNING=local from the PiHole setupVars.conf (added back) to no avail.

Here’s what I get from pivpn debug

::: Generating Debug Output
::::        PiVPN debug      ::::
=============================================
::::        Latest commit        ::::
commit d7771c251418fa443869397d46f93c5b0c197558
Author: 4s3ti <4s3ti@protonmail.com>
Date:   Sat Feb 6 23:04:11 2021 +0100

    Merge branch test into master
    
    fixes #1234
    ci/cd fixes and improvements
=============================================
::::        Installation settings        ::::
PLAT=Ubuntu
OSCN=focal
USING_UFW=1
IPv4dev=ens3
install_user=pivpn
install_home=/home/pivpn
VPN=wireguard
pivpnPORT=20
pivpnDNS1=10.6.0.1
pivpnDNS2=
pivpnHOST=REDACTED
pivpnPROTO=udp
pivpnDEV=wg0
pivpnNET=10.6.0.0
subnetClass=24
ALLOWED_IPS="0.0.0.0/0, ::0/0"
UNATTUPG=1
INSTALLED_PACKAGES=(wireguard-tools qrencode)
=============================================
::::  Server configuration shown below   ::::
(Interface)
PrivateKey = server_priv
Address = 10.6.0.1/24
ListenPort = 20
=============================================
::::  Client configuration shown below   ::::
::: There are no clients yet
=============================================
::::    Recursive list of files in   ::::
::::    (4m/etc/wireguard shown below    ::::
/etc/wireguard:
configs
keys
wg0.conf

/etc/wireguard/configs:
clients.txt

/etc/wireguard/keys:
server_priv
server_pub
=============================================
::::        Self check       ::::
:: (OK) IP forwarding is enabled
:: (OK) Ufw is enabled
:: (OK) Iptables MASQUERADE rule set
:: (OK) Ufw input rule set
:: (OK) Ufw forwarding rule set
:: (OK) WireGuard is running
:: (OK) WireGuard is enabled (it will automatically start on reboot)
:: (OK) WireGuard is listening on port 20/udp
=============================================
:::: Having trouble connecting? Take a look at the FAQ:
:::: https://github.com/pivpn/pivpn/wiki/FAQ
=============================================
:::: WARNING: This script should have automatically masked sensitive       ::::
:::: information, however, still make sure that PrivateKey, PublicKey      ::::
:::: and PresharedKey are masked before reporting an issue. An example key ::::
:::: that you should NOT see in this log looks like this:                  ::::
:::: YIAoJVsdIeyvXfGGDDadHh6AxsMRymZTnnzZoAb9cxRe                          ::::
=============================================
::::        Debug complete       ::::
::: 
::: Debug output completed above.
::: Copy saved to /tmp/debug.log
::: 

Output of sudo iptables -vnL

Chain INPUT (policy DROP 5 packets, 250 bytes)
 pkts bytes target     prot opt in     out     source               destination         
  183 15110 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
 1113  272K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     esp  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     ah   --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8 limit: up to 5/sec burst 5 mode srcip
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 123
    3   148 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22 ctstate NEW
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            172.31.141.238       udp dpt:53
 1800  121K ufw-before-logging-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
 1800  121K ufw-before-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
   66  3676 ufw-after-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
   66  3676 ufw-after-logging-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
   66  3676 ufw-reject-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
   66  3676 ufw-track-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       10.0.8.0/24          10.0.8.0/24         
    0     0 DROP       all  --  *      *       10.0.8.0/24          169.254.0.0/16      
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:445
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport ports 137,138
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport ports 137,139
    0     0 ACCEPT     all  --  *      *       10.0.8.0/24          0.0.0.0/0            ctstate NEW policy match dir in pol none
    0     0 ufw-before-logging-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-before-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-after-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-after-logging-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-reject-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-track-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            10.0.8.0/24          owner GID match 15000
    0     0 DROP       all  --  *      *       0.0.0.0/0            169.254.0.0/16       owner GID match 15000
 1541  306K ufw-before-logging-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
 1541  306K ufw-before-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  166 11698 ufw-after-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  166 11698 ufw-after-logging-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  166 11698 ufw-reject-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  166 11698 ufw-track-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-after-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-after-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ufw-skip-to-policy-input  udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:137
    0     0 ufw-skip-to-policy-input  udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:138
    0     0 ufw-skip-to-policy-input  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:139
    0     0 ufw-skip-to-policy-input  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:445
    0     0 ufw-skip-to-policy-input  udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:67
    0     0 ufw-skip-to-policy-input  udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:68
    0     0 ufw-skip-to-policy-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "(UFW BLOCK) "

Chain ufw-after-logging-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
   48  2928 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "(UFW BLOCK) "

Chain ufw-after-logging-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-after-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-before-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 3
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 11
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 12
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8
    0     0 ufw-user-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-before-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    5   208 ufw-logging-deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
    5   208 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 3
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 11
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 12
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp spt:67 dpt:68
 1795  121K ufw-not-local  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            224.0.0.251          udp dpt:5353
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            239.255.255.250      udp dpt:1900
 1795  121K ufw-user-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-before-logging-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-before-logging-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-before-logging-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-before-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         
  183 15110 ACCEPT     all  --  *      lo      0.0.0.0/0            0.0.0.0/0           
 1192  279K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
  166 11698 ufw-user-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-logging-allow (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "(UFW ALLOW) "

Chain ufw-logging-deny (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    5   208 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID limit: avg 3/min burst 10
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "(UFW BLOCK) "

Chain ufw-not-local (1 references)
 pkts bytes target     prot opt in     out     source               destination         
 1795  121K RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type MULTICAST
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type BROADCAST
    0     0 ufw-logging-deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-reject-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-reject-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-reject-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-skip-to-policy-forward (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-skip-to-policy-input (7 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-skip-to-policy-output (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-track-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-track-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-track-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         
   21  1260 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate NEW
  145 10438 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate NEW

Chain ufw-user-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  wg0    ens3    10.6.0.0/24          0.0.0.0/0           

Chain ufw-user-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:20
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22 /* 'dapp_OpenSSH' */
    8   500 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 80,443 /* 'dapp_Apache%20Full' */
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:21
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25565
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:25565
    0     0 ACCEPT     tcp  --  *      *       HOME_IP       0.0.0.0/0            tcp dpt:53
 1698  115K ACCEPT     udp  --  *      *       HOME_IP       0.0.0.0/0            udp dpt:53

Chain ufw-user-limit (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "(UFW LIMIT BLOCK) "
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain ufw-user-limit-accept (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-user-logging-forward (0 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-user-logging-input (0 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-user-logging-output (0 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-user-output (1 references)
 pkts bytes target     prot opt in     out     source               destination 

graphs and networks – How can I delay twitter requests

Using the twitter ServiceConnection it is easy to build the friend network of a twitter account:

twitter = ServiceConnect["Twitter", "New"]
twitter["FollowerNetwork", "Username" -> "elonmusk"]

However, the requests are made too frequently and after some minutes I get blocked by the twitter API resulting in an incomplete graph.

How can I delay the requests to be limited to what twitter allows per minute?

For example, the tweepy python library has a setting wait_on_rate_limit https://docs.tweepy.org/en/v3.2.0/api.html#API

❕NEWS – Robinhood requests that SEC revise its trading rules | Proxies-free

The SEC has been taking a major stance on cryptocurrency recently and it is seen across the news in various articles. One of the common cryptocurrency exchanges, that is known as Robinhood, is requesting that the Sec revise its trading rules on the cryptocurrency front, stating that these trading rules are actually considered to be outdated. The concern that this platform has is that the SEC requests that the transactions, when withdrawn take 2 days to clear, which Robinhood feels that should be revised. Do you think that it is necessary to revise these regulations? A two-day waiting period can be quite long.