How can I access services via subdomain instead of ip + port?

I have a little server in my local network that provides several web services. Each service can be accessed by entering the ip of the server followed by the respective port.
Now I always have to remember which service is behind which port and it would be nicer to have specific subdomains forwarded to these ports. For example
ip:1234 -> foo.server.local
ip:4321 -> bar.server.local
How can this be done? I have pihole running on the server and had hoped to get this done using pihole but I was not successful.

What you are looking for is to set up a Domain Name Server (DNS). This guide should help: phoenixnap.com/kb/raspberry-pi-dns-server
You use a domain to direct to an IP:port combo. Like you could direct 123.12.12.12:8080 to some.thing and 123.12.12.12:8081 to any.address.
The domain name is arbitrary and masks the whole IP:port address.
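
An added example, not part of the original answer: a DNS record resolves a name to an address and carries no port, so a common way to get the mapping in the question is to make both names resolve to the server (for example through Pi-hole's Local DNS records) and let a reverse proxy choose the backend port from the HTTP Host header. The nginx configuration below assumes the two services listen on 127.0.0.1:1234 and 127.0.0.1:4321 and that port 80 on the server is free; the file path is also an assumption.

```nginx
# Added example: name-based reverse proxy for the two services in the question.
# Assumptions (not from the original post): the services listen on
# 127.0.0.1:1234 and 127.0.0.1:4321, and nothing else is bound to port 80 on
# this host (Pi-hole's web interface commonly uses port 80, so move one of them).
# Goes inside the http { } context, e.g. /etc/nginx/conf.d/local-services.conf.

# Catch-all: a request whose Host header matches no server_name below is
# dropped instead of being handed to whichever server block comes first.
server {
    listen 80 default_server;
    server_name _;
    return 444;    # nginx-specific code: close the connection, send nothing
}

server {
    listen 80;
    server_name foo.server.local;

    location / {
        proxy_pass http://127.0.0.1:1234;
        # Pass the original host and client address on to the backend
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

server {
    listen 80;
    server_name bar.server.local;

    location / {
        proxy_pass http://127.0.0.1:4321;
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

With the backends bound to 127.0.0.1 rather than 0.0.0.0, the raw ports stop being reachable from the LAN and every request passes through the proxy, which gives a single place for access rules and logging.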

Related

can't access from outside with nginx reverse proxy in docker

I know there are lots of similar questions, but none of them helped me.
I have a Linux server running an nginx reverse proxy in Docker, created a duckdns domain, and opened ports 80 and 443 on my router. I can't access it from outside with my domain name or public IP; it seems like my router refuses external requests. I tried lots of configurations and followed lots of guides on the web... I am going crazy trying to solve this problem.
I think the problem is before nginx, so I have not posted my nginx conf. If it can help, I will post it.
Hope someone can help me. Thank you so much
There are several things that could be causing the issue with your router refusing external requests. Here are a few things to check:
Make sure that your router's firewall is configured to allow incoming connections on ports 80 and 443. Some routers have a built-in firewall that needs to be configured to allow traffic through specific ports.
Confirm that your router is properly forwarding incoming requests to the correct IP address and port on your network. This is typically done through a feature called port forwarding.
Check your router's security settings to ensure that it is not blocking incoming requests based on the source IP address or domain name. Some routers have the option to block incoming requests from specific IP addresses or domain names.
Confirm that your Linux server is properly configured to handle incoming requests. This includes checking that your Nginx reverse proxy is running and properly configured to forward requests to the correct IP address and port.
Verify that your DNS is pointing to the right IP address, you can use online tools like https://www.whatsmydns.net/ to check this.
Check if your router has any VPN or proxy service enabled, which could be affecting incoming requests.
Check if your ISP is blocking incoming connection to your public IP address.
It's also possible that there might be a problem with your router's firmware or hardware, in that case, you may need to contact the manufacturer for further assistance.

How to make nginx point to my mosquitto broker in docker [duplicate]

I have a server and I am using Ubuntu 20.04, nginx, mosquitto, Node-RED and docker; let's call the website http://mywebsite.com. The problem I am facing is that I have created a client, let's call it client1, in docker, so the URL will be http://mywebsite.com/client1
and I want to establish an MQTT connection via mosquitto, and I'm sending the data on topic test.
The problem is that in the Node-RED MQTT node, when I write the IP address of my mosquitto container, it works.
But if I replace the IP address 192.144.0.5 with mywebsite.com/client1, I can't connect to mosquitto and I can't send or receive any form of data.
Any idea on how to solve this problem?
OK, you are going to have several problems here.
You can not do path based proxying with MQTT. If you want to have multiple MQTT brokers (1 per client) bound to a single public facing domain/IP address then they are all going to have to run on separate ports (other than the default 1883).
Nginx can do MQTT protocol proxying (e.g. like this), so you can use this to expose the different ports and forward them to the separate instances of mosquitto, but even if you had a different hostname (all pointing at the same IP address) nginx has no way to know which host name was used because there is no equivalent to the HOST HTTP header to direct it. If you were to use MQTT with TLS then you may be able to get it to work with SNI, but I've never seen anybody do that yet (possible docs for SNI based routing here) It works, explanation about how to do it here.
If you use MQTT over Websockets then you should be able to use hostname based routing.
Path based proxying for Node-RED currently doesn't work properly if you enable admin authentication, because the admin auth tokens are currently stored in browser local storage and only scoped to the hostname, not the hostname + path. This will mean that a client will only ever be able to log into one instance at a time.
You can work round this by using host based proxying, e.g. http://client1.mywebsite.com
A fix for this is on the backlog for Node-RED, probably (no promises) to be looked at after version 1.2.0 ships
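
An added example, not part of the original answer, showing the two nginx options it describes for raw MQTT: one public port per broker, and a single TLS port routed by SNI. Assumptions: a second broker "client2" at 192.144.0.6 (hypothetical), brokers that terminate TLS themselves on 8883, and an nginx build that includes the stream and stream_ssl_preread modules.

```nginx
# Added example. The stream { } block sits at the top level of nginx.conf,
# beside http { }, not inside it.
stream {
    # Option A: plain MQTT. The protocol carries no hostname, so each broker
    # gets its own public port.
    server {
        listen 1884;
        proxy_pass 192.144.0.5:1883;    # client1 broker (address from the question)
    }
    server {
        listen 1885;
        proxy_pass 192.144.0.6:1883;    # client2 broker (assumed address)
    }

    # Option B: MQTT over TLS on one port, routed by the SNI name in the
    # ClientHello. nginx does not decrypt here; each broker terminates TLS
    # with a certificate for its own hostname.
    upstream mqtt_client1 { server 192.144.0.5:8883; }
    upstream mqtt_client2 { server 192.144.0.6:8883; }
    upstream mqtt_reject  { server 127.0.0.1:9; }    # assumed closed port

    map $ssl_preread_server_name $mqtt_backend {
        client1.mywebsite.com  mqtt_client1;
        client2.mywebsite.com  mqtt_client2;
        default                mqtt_reject;    # unknown or missing SNI is refused
    }

    server {
        listen 8883;
        ssl_preread on;                 # read the SNI without terminating TLS
        proxy_pass $mqtt_backend;
        proxy_connect_timeout 5s;
    }
}
```

Option A forwards unencrypted MQTT, so broker usernames and passwords cross the network in clear text; Option B keeps TLS intact from the client to the broker.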

How to block access to a specific port on docker

I have a docker container which exposes a RESTful API on a specific port (e.g. 4567) on a host machine. According to security requirements, I need to block all requests coming to this port (i.e. 4567) except the one coming from a specific application (say a scheduler like oozie). I'm not very familiar with firewalls, but I'm guessing the first part (blocking on access to the port) can be done in the firewall, but how can I open access to only one application?

Hosting own website on iis from home Win10 computer with domain mapping

I have developed a web application based on the asp.net mvc 4 framework and it works fine in Visual Studio. Since we want to launch our website to the public, we bought a domain from a GoDaddy account. And in GoDaddy -> Domains -> Manage -> we mapped the domain name to the public/external IP address, e.g. 178.112.24.5 (which is different from what I get in cmd -> ipconfig, which shows 192.168.0.2). I guess I should use the public IP address, not the local IP address shown in cmd -> ipconfig.
Now I created a web site under iis -> sites -> add new site -> mynewdomain -> with protocol as http, ipaddress as unassigned (default), port as 80 and hostname as www.mynewdomain.com. But whenever I launch this site from iis, it routes to the ISP router configuration login.html page (BTW I use Rogers Internet). So it also fails to launch from other network computers and Chrome shows the error as ERR_CONNECTION_REFUSED.
I followed some posts on this site:
How to solve ERR_CONNECTION_REFUSED when trying to connect to localhost running IISExpress - Error 502 (Cannot debug from Visual Studio)?
https://serverfault.com/questions/54623/sites-in-iis-not-available-externally
I tried to fix this by defining a firewall rule for port 80 (selected domain, private and public), dnsflush and some suggestions from the above two links. But it didn't fix the issue.
You want to host your app yourself, OK.
So:
1. To access your host from other networks you have to open ports (80 for http and ) in your firewall. Sure, your local IP address will be 192.168.0.2 and you can access your app from the LAN on it, but others must get your external IP.
2. The next point is your domain resolver: you must set up your Name Servers for your host's external IP address.
Now what you can do:
First of all, use DMZ for testing; it will open all connections to your machine. After testing, set up your firewall and open only the necessary ports.
And if your internet provider gives you your external IP and is not blocking connections, you can host your application.
Sure, this way of hosting your web site is not recommended because:
A. Windows 10 Home is not a server OS.
B. You need a minimum speed of 100 MB/s.
C. It is not secure to use a home router as a firewall.
Hope this will help you.

I can't access port from outside

I'm using a dedicated server on aruba with a ZyWall firewall. I have two ports listening on the server; using telnet from inside I can connect to both ports. If I try to telnet from outside I can access only one of them.
I have no internal firewall, and I don't understand how I can see whether the ZyWall is blocking the port access or forwarding all connections on that port to another IP.
Have you any suggestion?
I found the solution. I accessed the firewall web interface from a firefox installed in the dedicated server behind the firewall (the web interface is not accessible from outside), then I made two steps:
I added a rule in which I permit access to the target port. I did this using the "Service" tab in the Security->Firewall menu.
In the matrix between LAN, WAN, DMZ etc.. I modified the rule "from WAN to LAN" and I added the rule made in the previous step.
Now it works!
