Hi, I use a NEO Extended and have USB and WiFi connected. The Web Control Panel and - I assume - the port for uploading sketches is available via the WiFi-interface. I looked through the documentation but haven't found any description how to restrict it.
I don't understand your question completely but I suspect you want to upload sketches through the wifi connection. If you install the packages according the instructions on page http://www.udoo.org/docs-neo/Arduino_M4_Processor/Programming_Arduino_M4_from_External_PC.html then you also can upload through wifi. See the section "Upload sketches through the network". The trick is to set the IP of the when connected through WiFi in the platform.txt file.
I don't want that users sharing the WiFi the NEO is connected to, to have access to any resources of the NEO that allow to do internal stuff like changing passwords of root and the normal user or uploading sketches. I need the WiFi-connection for the application I've got in mind, though, so deactivating WiFi isn't an option. Of course I could restrict access via iptables but if I can keep the server-processes from listening on that interface, I'd prefer that.
You can switch off the Neo web page: http://www.udoo.org/docs-neo/Cookbook_Linux/Change_Web_Control_Panel_port.html
I know, but I don't want to deactivate it completely but only make it available on 192.168.7.0 and not via the WiFi-interface.
I think via Listen settings in the http.conf file of the web server. All interfaces: Listen 80 Specific IP only: Listen 192.168.7.0:80
AFAIK the web control panel doesn't use Apache but Node.js, but I tried to find the configuration file: Code: udooer@udooneo:/$ sudo bash [sudo] password for udooer: root@udooneo:/# cd / root@udooneo:/# find -name http.conf root@udooneo:/# find -name httpd.conf root@udooneo:/# No such file. It seems that I really have to set up iptable-rules to keep people out of NEO's internals.
You could change the node script in /opt/udoo-web-conf/bin/www line 62: server.listen(port); change in server.listen(port, '192.168.7.2'); It will now only listen from clients coming from that IP (tested it myself)