radkesvat / ReverseTlsTunnel

Reverse Tcp Tunnel with custom sni handshake, mux support and more...
MIT License
470 stars 95 forks

Problem on the Iran server in multiport mode #340

Open mshahr1 opened 1 month ago

mshahr1 commented 1 month ago

Hello. When multiport mode is set on the Iran server, a random port is defined for forwarding the rest of the ports to that port... Now, if the firewall is on and that port has not been defined in it, the foreign server's connection is not established... First, this port is also accessible on the server's own static IP, and it could be defined only locally in the script... Second, the Iran server's firewall must either be disabled, or the random port must be defined in the firewall again each time with the connection timer.

mshahr1 commented 1 month ago

When multiport mode is enabled on the Iran server, a random port is defined to forward the remaining ports to that port randomly.

If the firewall is enabled and this port is not defined, the external server connection will not be established.

Here's a more detailed explanation:

Port Accessibility: The random port selected for forwarding is accessible on the server's static IP address as well. However, it can only be defined locally within a script.

Firewall Implications: Enabling the firewall on the Iran server prevents external connections from reaching the server. To address this, you have two options:

Disable Firewall: Disabling the firewall completely will allow external connections to reach the server, but it also exposes the server to potential security risks.

Dynamic Port Definition: Alternatively, you can dynamically define the random port in the firewall each time a connection is established. This approach provides a balance between security and connectivity.

Recommendation:

For enhanced security, it's recommended to utilize a dynamic port definition approach. This method maintains external access while minimizing security vulnerabilities.

Additional Notes:

The use of a static IP address simplifies port definition and management.

Implementing a script to handle dynamic port definition can automate the process.

Regularly reviewing firewall rules and security configurations is crucial for maintaining a secure server environment.
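
One way to script the "dynamic port definition" option from the comment above, as an added example that is not part of the original issue or of the ReverseTlsTunnel project. It assumes the tunnel process shows up in `ss` as `RTT`; the peer address `203.0.113.10`, the chain name `RTT_DYN` and the sample `ss` lines are constructed, and the script prints the iptables commands instead of running them.

```shell
#!/bin/sh
# Added example: allow the tunnel's random listen port only from the foreign peer.
# Assumptions (not from the issue): process name, peer IP and chain name.
PROC_NAME="${PROC_NAME:-RTT}"        # assumed process name as shown by ss
PEER_IP="${PEER_IP:-203.0.113.10}"   # constructed peer address (documentation range)
CHAIN="RTT_DYN"                      # hypothetical dedicated chain

# Constructed sample of `ss -Htlnp` output, so the example runs offline.
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 4096 *:38417 *:* users:(("RTT",pid=2291,fd=6))'

# Read `ss -Htlnp` output on stdin; print the TCP port the named process listens on.
rtt_listen_port() {
    awk -v name="\"$1\"" '
        $1 == "LISTEN" && index($0, name) {
            n = split($4, a, ":")          # port is the last ":"-separated part
            if (a[n] ~ /^[0-9]+$/) { print a[n]; exit }
        }'
}

# Print the iptables commands that replace any earlier rule with one for this port.
firewall_cmds() {
    port="$1"; peer="$2"
    case "$port" in ''|*[!0-9]*) return 1 ;; esac           # digits only
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1  # valid TCP port
    echo "iptables -N $CHAIN 2>/dev/null"   # create the chain once
    echo "iptables -F $CHAIN"               # drop the rule for the previous random port
    echo "iptables -A $CHAIN -p tcp -s $peer --dport $port -j ACCEPT"
    echo "iptables -C INPUT -p tcp -j $CHAIN 2>/dev/null || iptables -I INPUT -p tcp -j $CHAIN"
}

# Demo on the constructed sample; on a live host feed `ss -Htlnp` instead.
port=$(printf '%s\n' "$SAMPLE_SS" | rtt_listen_port "$PROC_NAME")
firewall_cmds "$port" "$PEER_IP" || echo "no listening port found for $PROC_NAME" >&2
```

Flushing the dedicated chain before adding the new rule keeps ports from earlier runs from staying open, and the `-s` match limits the random port to the foreign server instead of every source.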