Dynamic DNS port forwarding - tcp

I need to use my computer as a server but my ISP blocks port 80, 21, 23 etc. I can use other ports and some dynamic dns service but I don't want:
(HTTP) Users have to type http://mydynamicdnsaddress:#port#
(HTTP) Users be redirected from http://mydynamicdnsaddress to http://mydynamicdnsaddress:#port#
(HTTP) Some kind of service that gets HTTP response and change it before resending to users. No-ip and GoDaddy do that. They change some parts of html - eg: title.
Users have to type ftp://mydinamicdnsaddress:#port#
I believe that I need some kind of dynamic dns service that points to a router that forwards TCP packets to another address changing ports. Do you know any online service like that?

"Many dynamic DNS companies use HTTP redirection to send the browser from port 80 to a different port. When you ask a dynamic DNS company to point your domain to a port other than 80, what they actually do is point the domain to their own web-server IP address (in DNS), and then on their web-server (running on port 80) they have a simple server side script which redirects the browser to your web-server on whatever port you specified - optionally "cloaked" so the visitor won't notice." Can I specify a TCP/IP port number for my web-server in DNS? (Other than the standard port 80)
Here's a reference article for a redirection script: Redirect Script.

What you are asking for is a tunnel or proxy. You'd set up a server which receives communications via port (e.g.) 80 and proxies that request to your home server on port-whatever. You'd probably need to get a dedicated host (or VM like linode) in order to do this. At that point, you might as well move your webserver to the unblocked host.
Also, to be clear, this is impossible with pure DNS. DNS, "Domain Name System", resolves names to IP addresses, NOT to IP address/port pairs.
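The proxy this answer describes, as an added example that is not part of the original answers: a TCP relay on the unblocked host accepts connections on one port and forwards the bytes to the home server on another. The function names and the loopback stand-in for the home server are assumptions made for the demo.

```python
import asyncio

async def pipe(reader, writer):
    """Copy bytes one way until EOF, then close the destination."""
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
    except ConnectionError:
        pass
    finally:
        writer.close()

async def start_forwarder(listen_host, listen_port, target_host, target_port):
    """Accept on listen_port and relay each connection to target_host:target_port."""
    async def handle(client_r, client_w):
        try:
            up_r, up_w = await asyncio.open_connection(target_host, target_port)
        except OSError:
            client_w.close()  # home server unreachable: drop the client
            return
        await asyncio.gather(pipe(client_r, up_w), pipe(up_r, client_w))
    return await asyncio.start_server(handle, listen_host, listen_port)

async def _demo():
    # Constructed stand-in for the home server on its non-standard port.
    async def home(r, w):
        request = await r.read(1024)
        w.write(b"home server saw: " + request)
        await w.drain()
        w.close()
    backend = await asyncio.start_server(home, "127.0.0.1", 0)
    backend_port = backend.sockets[0].getsockname()[1]
    relay = await start_forwarder("127.0.0.1", 0, "127.0.0.1", backend_port)
    relay_port = relay.sockets[0].getsockname()[1]
    # The visitor only ever talks to the relay's port.
    r, w = await asyncio.open_connection("127.0.0.1", relay_port)
    w.write(b"GET / HTTP/1.0\r\n\r\n")
    await w.drain()
    reply = await asyncio.wait_for(r.read(), timeout=5)  # read until EOF
    w.close()
    relay.close()
    backend.close()
    return reply

def demo():
    return asyncio.run(_demo())

if __name__ == "__main__":
    print(demo())
```

The home server sees every connection as coming from the relay's address, so IP-based logging or access rules on it no longer reflect the real visitor.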

Most dynamic DNS service providers also provide free web redirect or port forwarding such as dynu.com.
Please note that the cloak works by loading the page in a frame of sorts and it does not work with all browsers. For example, Chrome does not support cloak.
As far as I know, you cannot specify the port number in the DNS unless the web server which performs redirection is clever enough to read out the TXT record and use it for redirection. Any web server doing that would be really nice though.

Related

What's the difference between using the IP directly and configuring the local host?

I am trying to access a URL directly by IP over the HTTP protocol. There are two methods:
Use the URL with the domain replaced by its IP
Configure the IP and domain pair in the local hosts of the system
When the HTTP request arrives at the server, from the server's point of view, what's the difference between the two requests?
There would be no difference to the server. It is up to the client to resolve domain names to their IP addresses and there are a few ways to do that. One is to use a DNS server, another is to use the hosts file.
To add on, the domain is most certainly sent in the HTTP request. The browser (or other HTTP client) is responsible for that. If you use the IP, then no domain will arrive at the server, meaning it will serve up whatever is configured as the default content for the IP. The domain info is what allows the server to serve multiple domains on a single IP.
Consider a Client connects to a Server.
The first thing your computer does is analyze the address you input.
If you wrote an IP, there is nothing to do now. If you wrote a domain, it will 'resolve' the domain.
Resolving a domain (DNS) means to 'translate' your URL into an IP. When the computer resolves the domain, it will only use the new IP it got.
The client sends packets with metadata that includes where the packet is from (client's IP), where it should go (server's IP), the destination port, etc.
Domain is not included in network packets.
Only IPs are included.
That means the server could never know if user connected to it using a domain or its ip directly.

IP address, DNS and domains

I'm a little confused about IP addresses.
I know that every web domain has an IP address.
Does the IP address represent the physical machine / host the website files are stored on?
Therefore when a DNS lookup is performed, the domain's IP address is returned to the client. The client then uses this IP to contact the server that the web files reside on.
Is my understanding correct?
Many thanks
You are correct.
It is kind of like how some companies may say Dial PIZZAHUT instead of saying, Dial 74992488. PIZZAHUT is easier to remember, but you actually are dialling the number.
You're talking about HTTP protocol. Yes, FQDN (web domain) is resolved to IP address by DNS server. Client will connect to server IP address. Since you're probably using HTTP 1.1, HTTP request will contain also FQDN. This information is used by web server to perform several checks, like SSL certificate validation or Virtualhost management (several domains on a single IP address).
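The Host-header behaviour mentioned in the answers above (the name travels in the HTTP request and selects the virtual host, whatever IP the client connected to), as an added example that is not part of the original threads. The two site names are constructed, and refusing unknown names with 421 instead of serving a default site is a choice made for this demo.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Constructed virtual-host table: two sites sharing one IP address and port.
VHOSTS = {"site-a.example": b"site A", "site-b.example": b"site B"}

class VHostHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        # The client copies the name from the URL into the Host header;
        # a request made by IP address carries the IP there instead.
        host = (self.headers.get("Host") or "").split(":")[0].lower()
        body = VHOSTS.get(host)
        if body is None:
            # Assumption for this demo: refuse unknown names instead of
            # falling back to a default site.
            self.send_error(421, "Misdirected Request")
            return
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):
        pass  # keep the demo quiet

def fetch(port, host_header):
    """Always connect to 127.0.0.1; only the Host header differs."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    try:
        conn.request("GET", "/", headers={"Host": host_header})
        resp = conn.getresponse()
        return resp.status, resp.read()
    finally:
        conn.close()

def demo():
    server = ThreadingHTTPServer(("127.0.0.1", 0), VHostHandler)
    port = server.server_address[1]
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return {name: fetch(port, name)
                for name in ("site-a.example", "site-b.example", f"127.0.0.1:{port}")}
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    print(demo())
```

All three requests reach the same socket on 127.0.0.1; the server tells them apart only by the Host header, which is why a hosts-file entry and a DNS lookup look identical to it while a bare-IP URL does not.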

HttpListener working on local network, but not externally

I am attempting to spin up an application that listens on a port and responds to HTTP requests. I am on a Windows 8 machine connecting through a Netgear router that provides port forwarding. I have:
modified my DNS zone file of one of my domains to point to the IP address that is assigned to my cable modem
Added a port-forwarding rule to my router that sends requests to port 8080 to port 8081 on my computer
Opened port 8081 on my Windows Firewall
Executed netsh http add urlacl http://+:8081/ user=Everyone listen=yes as administrator
Started up my app which uses the simple webserver solution found at http://codehosting.net/blog/BlogEngine/post/Simple-C-Web-Server.aspx which uses an HttpListener object with a prefix of http://+:8081/.
From any machine on my local network, I can browse to http://home.example.com:8080/blah/blah and everything works great. Whenever I attempt the same URL from a machine connected elsewhere on the Internet, the connection times out. I have tried using the IP address instead of the domain name, and have tried disabling my Windows Firewall (temporarily), still with no luck.
I'm sure this is more of a network setup issue than a code issue, but I thought I would ask anyway to see if there is anything I can do. Sorry for the spaces in the urls above. This is my first post to SO, and I apparently don't have enough of a reputation to post more than a single link.
By "elsewhere on the Internet", I am assuming you are attempting to access it from a different ISP.
The thing about some ISPs is that unless you are paying for a "business class" connection, they will do all sorts of tricks to ensure that you remain a "consumer". What you need is an unNATed static IP address.
By this I mean that the IP address that you may have at your home may not be accessible to the outside world because the ISP is actually NATing (or other) that address to you. This is a fairly common practice because of limited IPv4 addresses. If you really want a service accessible via the WWW, I would suggest moving your product to a VPN, or at least a commodity hosting provider.
Edit: Try a VPN service like Hamachi

Can network admin change the default port for http

I gave an answer to the following thread, but in the comments a user suggested that a network admin can change the default port of HTTP from 80 to something else.
As far as I know, if I open a page, e.g. http://www.example.com, without a port, that means it is running on port 80.
I just want to clarify: is it possible for a network admin to change the default port?
When using a browser, http://www.example.com will always try and connect to the server's TCP port 80, like it's port 443 for HTTPS connections. These port numbers (defined here) are hard coded in any browser.
Yet a web server can be configured to listen to any other port, which rarely makes sense though. If it does, the browser will be unable to connect (unless the port no. is explicitly given as in http://myserver.com:81).

How to implement OpenDNS style proxying of web traffic

I have a requirement that I believe may be impossible and wanted to confirm this with experts in this community.
A client wants us to configure a DNS server to point all non-whitelisted domains to an IP address of a server on the internet. This server should forward / redirect all non-http traffic to an IP address associated with the real DNS record as accurately as possible. However, for all port 80 traffic, it should intercept the traffic and forward to a web proxy. This could in theory be possible if we had a large block of public IP addresses that could intelligently route based on the sender's IP to the proper destination, but the engineering effort required there to keep the DNS request and subsequent requests to that same domain in sync would be immense. Not to mention we would be limited from a concurrency perspective. This is probably similar to how OpenDNS does their DNS+Proxying, but they only seem to do it for google.com. This needs to work for an arbitrary set of domains (potentially all of them).
Is the above approach feasible? If not, are there other ways this problem can be approached short of requiring specialized gateway hardware?
Ideally the system will minimize bandwidth usage & latency for non-http traffic without requiring anything besides DNS or firewall configuration. I realize we can forward all http traffic at the firewall level, but the client wants to avoid http requests to CDNs or media heavy sites as well as minimize deployment effort across disparate network configurations.
OpenDNS works by blacklisting instead of whitelisting.
When a host is blacklisted, OpenDNS will resolve the name into their IP address, which in turn prevents the client from accessing the real IP.
In your case, it looks like you need a transparent proxy where you can route all HTTP traffic to your proxy server.
See:
http://www.howtoforge.com/dansguardian-content-filtering-with-transparent-proxy-on-ubuntu-9.10-karmic
This might not be exactly what you are looking for but take a look at my article "How To Setup A Transparent Content Filtering Proxy" in which I utilize OpenDNS's blacklisting capabilities.
You can do it using two pieces:
A DNS resolver configured with *. pointing to IP A.B.C.D (wildcard)
An NGINX reverse proxy listening on A.B.C.D that proxies requests to the domain present in the Host header.
