maf

maf, 7 months ago

Unfortunately explicit, stable port redirections is something that is still missing. I’ll have to implemnt them (with a proper UI) eventually because under the hood they are also a necessary building block for other features. At the moment there are only “ephemeral” port redirects which may be sufficient for you. They are created automatically when a LAN machine sends out a packet from some source port. That port is then implicitly forwarded back to that machine. This is actually a part of the “Full Cone NAT” thing.

This can be triggered manually for example with something like:

<span style="color:#323232;">nc -p 80 1.2.3.4 1234 </span><span style="font-style:italic;color:#969896;"># send a dummy TCP packet from port 80
</span>

Ephemeral port redirections don’t expire but can be taken over if another LAN host also uses the same source port for outgoing traffic. This may happen randomly because source ports are usually picked at random by the OS. Generally ports below ~32k should be fairly stable because Linux doesn’t use those by default (I don’t know about Windows). Redirecting ports below 1024 should be even more stable because they’re reserved for specific well-known services.

maf, 7 months ago

The relevant part of NAT is actually just those 20 lines.

The hardest part is actually the UI :P The difficulty in building nice UI comes from potential ports listening on the local WAN interface (for example if the machine is also running any HTTP or SSH servers). I’d like the user to see at a glance what ports are used for what (port used by a local service - what service is that?, ephemeral port redirection using the full cone nat table - where is it redirected?, any symmetric nat connections together with their last activity / timeouts / traffic summary). Ideally the same interface should also allow the user to create new redirects.

maf, 7 months ago

I think I’ve found the issue. So I’ve found out that Lemmy has a 200 character limit for titles. My post had 198 characters:

I’ve just released Gatekeeper 1.6.0. It’s a single executable that turns any Linux machine into a home gateway. Now with realtime traffic graphs, LAN autoconfiguration, full cone NAT & better looks.

Removing the word “just” at the beginning brought the total character count to “193”:

I’ve released Gatekeeper 1.6.0. It’s a single executable that turns any Linux machine into a home gateway. Now with realtime traffic graphs, LAN autoconfiguration, full cone NAT & better looks.

And the post got created successfully :)

I think something might have prevented lemmy.world from accepting the 198-character title but worked with 193-character one. This doesn’t happen on my home instance, running lemmy 0.18.1 but happens on @lemmy.world, running 0.18.5.

maf, 7 months ago

Ah, I’ve found the issue. The ampersand character in the title was escaped to HTML entity (&), which bumped the title length above the limit. I noticed this after posting the shorter title & trying to change it back.

maf, 7 months ago

SGTM

Submitted as github.com/LemmyNet/lemmy/issues/4080