disassembler
commented
7 years ago The destination should be in the form <ip address>:<port>.
Open mogorman opened 7 years ago
disassembler
commented
7 years ago The destination should be in the form <ip address>:<port>.
mogorman
commented
7 years ago i also tried [ { destination = "127.0.0.1:5001"; sourcePort = 5001; } ]
disassembler
commented
7 years ago Just replicated this with mpd. You need to specify that the public interface can route to localnets. Add this to sysctl block: "net.ipv4.conf.eth0.route_localnet" = 1;
mogorman
commented
7 years ago if i set that i can get in via eth0, but not the other interfaces. I tried setting the same but changing the interface but it still doesnt work
mogorman
commented
7 years ago actually i see now that eth0 works even when this isnt set. the internal interfaces dont work no matter what i try
mogorman
commented
7 years ago right, i realize i had it wrong that a destination must have an address and port. i have corrected that and still have a problem
mogorman
commented
7 years ago it looks like with everything set correctly, it will only work on the external interface. Is there a a reason we dont add those other routes here https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/networking/nat.nix#L43
globin
commented
7 years ago A possible option would be to add an interfaces option to the forwardPorts rules.
flokli
commented
4 years ago I also tried getting some port forwarding to work with @zimbatm, and it seems it's still broken. I also couldn't find a NixOS VM test to quickly check this. @wkennington, @volth, could you take a look?
stale[bot]
commented
3 years ago Hello, I'm a bot and I thank you in the name of the community for opening this issue.
To help our human contributors focus on the most-relevant reports, I check up on old issues to see if they're still relevant. This issue has had no activity for 180 days, and so I marked it as stale, but you can rest assured it will never be closed by a non-human.
The community would appreciate your effort in checking if the issue is still valid. If it isn't, please close it.
If the issue persists, and you'd like to remove the stale label, you simply need to leave a comment. Your comment can be as simple as "still important to me". If you'd like it to get more attention, you can ask for help by searching for maintainers and people that previously touched related code and @ mention them in a comment. You can use Git blame or GitHub's web interface on the relevant files to find them.
Lastly, you can always ask for help at our Discourse Forum or at #nixos' IRC channel.
busti
commented
2 years ago I had to add the following iptables rule to make it work
networking.firewall.extraCommands = "iptables -t nat -A POSTROUTING -d <destination_ip> -p tcp -m tcp --dport <destination_port> -j MASQUERADE";works for both tcp and udp
imincik
commented
1 year ago I had to add the following iptables rule to make it work
networking.firewall.extraCommands = "iptables -t nat -A POSTROUTING -d <destination_ip> -p tcp -m tcp --dport <destination_port> -j MASQUERADE";works for both tcp and udp
@busti , thank you very much. It works for me as well.
My UDP port forwarding configuration is following:
networking = {
firewall.extraCommands = "iptables -t nat -A POSTROUTING -d 192.168.171.5 -p udp -m udp --dport 1194 -j MASQUERADE";
nat.forwardPorts = [
{
proto = "udp";
sourcePort = 11194;
destination = "192.168.171.5:1194";
}
];
}
Issue description
I am trying to expose ipfs web admin out over my local network, but when i try to forward the port to localhost where it is listening it doesn't seem to route anything to it. I have worked around the issue by having it listen to the specific interfact i wanted to access it on, but I wasn't sure why this didn't work. attached is my networking.nix file that configuration.nix addresses.
Technical details