I was wondering if there's a way to assign a specific port using TCP to the URL that ngrok generates.
i tried with config.yml file, it has this code but it doesn't work
tunnels:
blueiris:
remote_port: 5666
proto: tcp
addr: 123
it generates this URL: Forwarding tcp://0.tcp.ngrok.io:18777 -> localhost:123
the port of the localhost pretty much it doesn't matter. I wan't to assign the port 5666 to the URL 0.tcp.ngrok.io so it can be: 0.tcp.ngrok.io:5666
Thanks.
Related
$
grok start --all
Your account may not run more than 3 tunnels over a single ngrok agent session.
The tunnels already running on this session are:
tn_2HpYCEfpJb2VAiIPS, tn_2HpYCKQh6q9j9R3nyKiJ, tn_2HpYCIPYGWWN9f3am75
ERR_NGROK_324
I tried to stop the running process but I could not.
I searched everywhere but had no luck.
thanks
Ngrok automatically opens a http and https tunnel for every configuration.
Add bind_tls:true to your configs to only open an https tunnel.
This way you can open three connections.
Example configuration:
tunnels:
first_service:
addr: 4200
proto: http
bind_tls: true
second_service:
addr: 8080
proto: http
bind_tls: true
third-service:
addr: 8085
proto: http
bind_tls: true
I have a custom config here is the sample:
log_level: info
region: ap
tunnels:
http:
addr: 5000
proto: http
ssh:
addr: 22
proto: tcp
I specify the config path on pyngrok but when I try to run ngrok.connect() only HTTP part is working and show on my ngrok dashboard, no ssh tunnel. When I try the ngrok binary provided by pyngrok:
ngrok start --all --config=/ngrok.yaml
It works! On my ngrok dashboard I have HTTP, HTTPS and TCP.
These commands do not map to each other, which is why they do not do the same thing. connect() calls ngrok start --none, so it starts the ngrok process and API with no tunnels running, then it starts a tunnel using the API with the params you've passed to connect(). To start multiple tunnels, just call connect() more than once with different params.
from pyngrok import ngrok
conf.get_default().region = "ap"
tunnel1 = ngrok.connect(addr=5000)
tunnel2 = ngrok.connect(addr=22, proto="tcp")
In the above example, the config file isn't even necessary. If you already have tunnel definitions in your config though, you can use them by just passing their name.
from pyngrok import ngrok
conf.get_default().config_path = "/ngrok.yml"
tunnel1 = ngrok.connect(name="http")
tunnel1 = ngrok.connect(name="tcp")
The docs, which have many examples of this and other usage, can be found here.
Background
I have a strange use-case where my VPN cannot be on any of the private subnets, but, also cannot use a TAP interface. The machine will be moving through different subnets, and requires access to the entire private address space by design. A single blocked IP would be considered a failure of design.
So, these are all off limits:
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
169.254.0.0/16
In searching for a solution, I came across RFC 5735, which defines:
192.0.2.0/24 TEST-NET-1
198.51.100.0/24 TEST-NET-2
203.0.113.0/24 TEST-NET-3
As:
For use in documentation and example code. It is often used in conjunction with domain names
example.com or example.net in vendor and protocol documentation. As described in [RFC5737], addresses within this block do not legitimately appear on the public Internet and can be used without any coordination with IANA or an Internet registry.
Which, was a "Jackpot" moment for me and my use case.
Config
I configured an OpenVPN server as such:
local 0.0.0.0
port 443
proto tcp
dev tun
topology subnet
server 203.0.113.0 255.255.255.0 # TEST-NET-3 RFC 5735
push "route 203.0.113.0 255.255.255.0"
...[Snip]...
With Client:
client
nobind
dev tun
proto tcp
...[Snip]...
And ufw rules:
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 203.0.113.0/24 -o ens160 -j MASQUERADE
COMMIT
However, upon running I get /sbin/ip route add 203.0.113.0/24 via 203.0.113.1 RTNETLINK answers: File exists in the error logs. While the VPN completes the rest of its connection successfully.
No connection
Running the following commands:
Server: sudo python3 -m http.server 80
Client: curl -X GET / 203.0.113.1
Results in:
curl: (28) Failed to connect to 203.0.113.1 port 80: Connection timed out
I have tried:
/sbin/ip route replace 203.0.113.0/24 dev tun 0 on client and server.
/sbin/ip route change 203.0.113.0/24 dev tun 0 on client and server.
Adding route 203.0.113.0 255.255.255.0 to the server.
Adding push "route 203.0.113.0 255.255.255.0 127.0.0.1" to server
And none of it seems to work.
Does anyone have any idea how I can force the client to push this traffic over the VPN to my server, instead of to the public IP?
This does actually work!
Just dont forget to allow connections within your firewall. I fixed my config with:
sudo ufw allow in on tun0
However, 198.18.0.0/15 and 100.64.0.0/10 defined as Benchmarking and Shared address space respectively, may be more appropriate choices, since being able to forward TEST-NET addresses may be considered a bug.
My yaml config is like this:
yarn:
hostname: "ngrok.xfl.me:810"
remote_port: 810
proto:
tcp: 8088
My purpose is:
Forwarding https://ngrok.xfl.me:810-> 192.168.0.104:8088
But by default, as the config above, ngrok client just listen to 127.0.0.1. So it failed to connect.
How can I make the ngrok client listen to a certain hostname 192.168.0.104 instead of localhost
Thanks a lot!
It was solved with:
yarn:
hostname: "ngrok.xfl.me:810"
remote_port: 810
proto:
tcp: 192.168.0.104:8088
Is there a way to bind Kibana to more than one IP address using kibana's config file: kibana.yml?
Right now, if I modify the line
server.host: "127.0.0.1"
to
server.host: ["127.0.0.1","123.45.67.89"]
which is valid YML, I get an error.
Is there any way to accomplish this from within Kibana or do I need to do it through a proxy/nginx?
Try 0.0.0.0 if you want kibana to be available on real ip and localhost at the same time.
Install ngrok from https://ngrok.com/, then from your command line type:
ngrok http 5601
Ngrok will create a tunnel to the server and provide you with a url from which you can access your kibana UI.
If you need to acceess the ngrok and the 4040 port is closed on the server then do the same
ngrok http 4040