Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 5 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
until recently I was using lighttpd + openvpn + sslh, to provide both HTTPS and OpenVPN on port 443. But sslh has some significant issues with passing remote IP address to HTTP server and also it does not work well with Gitlab. So I moved to nginx and now I'm trying to achieve the same functionality with OpenVPN as before.
How to configure nginx to handle incomming HTTPS connections and forward unknown connections to OpenVPN?
I know OpenVPN can do this with HTTPS, but it does not solve problems with passing remote IP address to web server (correct remote IP address is more important for web server than for OpenVPN).
Other way around may be like Websockets do, to let OpenVPN to use HTTP upgrade or similar technique, but I haven't found anything about that in OpenVPN documentation.
Nginx is not capable of looking into SSL connections to determine the protocols used to further forward the connection to either an http/https upstream, or a VPN.
It can handle any arbitrary TCP streams now (and load-balance the connections without looking into payload), but unless you have more than one port or more than one IP address, you'll have to continue to depend on your sslh.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I am trying to connect 2 virtual machines on the same host. Basically trying to ping from one to another. How can it be done if both have same IP address?
edit:
I am currently using hping3 to learn about Denial of service Syn flood. So can the 2 VMs be used for this?
If they share the same IP address this isn't possible. Ping uses ICMP echo requests and replies and ICMP doesn't use ports that could be NATted to different machine.
You'll need to bridge the vNIC to the local network so each VM gets a different IP. Alternatively, you could connect both to an internal, entirely virtual network - depending on what the hypervisor can be configured to do.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 5 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
I've tried to do as much research as I can around this and I can't seem to understand one thing. For my University project we were required to do the following:
In VirtualBox Manager select File>Preferences. Select Network and choose NatNetwork (or the one you are using).
Chose the edit network icon.
Select Port Forwarding
In the dialogue box provide a name for the rule (e.g. web), leave the host IP blank, provide a host port (e.g. 8001), then enter the
Guest IP as the IP address of UBUNTU#1 and Guest port as 80 for a web
server (answer yes to any Firewall questions).
Start a simple web server on UBUNTU#1 by using the following command in the terminal window:
sudo python2 -m SimpleHTTPServer 80
Start Wireshark on the private network.
Start a web browser on the host computer and enter x.x.x.x:8001, where x.x.x.x is the IP address of your host computer.
Now we need to explain why do we use this address and port number?
My understanding is that the IP address being used belongs to the router/client on the network we want to make accessible to computers on the internet.
What I don't understand is why we have to use the port 8001?
I've seen that port 8001 is used for diagnostics, I have also seen 8001 is used as it is an available port. But how can it be available if it is being used by someone else.
You can use any port you like as long as both server and client agree on the port number.
Commonly, most services use a "well known" port to make it easy for someone else to connect to them (e.g. TCP 25 for SMTP, UDP 53 for DNS, TCP 80 for WWW, ...).
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I have Mikrotik router board,
I want to forward all site request to an IP address of specific site, in some hours of day
For example a.com forward to 188.158.x.x
Can any one help me?
using web proxy to forward http request to web proxy server Address
/ip proxy
set cache-administrator="Mehdi Haghshenas" enabled=yes max-cache-size=none \
parent-proxy=0.0.0.0
/ip proxy access
add action=deny dst-address=!x.x.x.x redirect-to=x.x.x.x
x.x.x.x is the server want to forward to
then you must add nat to forward http request to proxy server using
/ip firewall nat
add action=redirect chain=dstnat disabled=yes dst-address-list=!LocalIP dst-port=\
80 protocol=tcp src-address-list=LocalIP to-ports=8080
/ip firewall address-list
add address=192.168.0.0/24 list=LocalIP
add address=192.168.1.0/24 list=LocalIP
Just write a script which redirect all HTTP traffics to specific IP address and use routerOS scheduler to execute this rule in a specific time of the day/night, then write another script to remove that rule in another time. If you need sample just tell.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
We are running a Java based web-application, and were in the process of updating the site from http:// to https:// (by installing SSL cert),but encountered issues with bringing the site online.
On further analysis, we found that the port 443 was being blocked, which was preventing this site from being accessible on https://
We informed the same to the Network team, to open firewall on port 443. But the problem is, they keep coming back asking for the destination port.
We provided the source IP (IP of the application server)...what would be the destination IP (is there a specific destination IP if a site needs to be accessible on https://) ????
My question is, what would be the destination port, to open firewall to make a site accessible on https:// ??
Most likely they want to setup NAT so that incoming requests coming to NAT:443 are routed to :443 , and for this they do need an IP of the server within the local network.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
I have a Windows 2008R2.
On a NIC, I have 3 ip aliases :
- two have the same subnet and it works well
- the third is on a different subnet
I can ping the third ip.
I can see the packets who are coming on this ip with Wireshark.
I have a service who list on the 0.0.0.0 address.
When I try to connect to this service, it is like the packet are not going to the service.
I tried with netcat also in listen mode and I had the same problem (If I connect via the loopback ip, netcat receive my datas...)
Is the ip aliases have to be on the same subnet on the same nic ?
Thanks in advance
Best regards
This will never work. I tried with an additionnal nic and it worked