This repository was archived by the owner on Jul 4, 2023. It is now read-only.

Feature - Port Ranges #24

Open
2 tasks done
TolleyLikesRice opened this issue May 2, 2022 · 6 comments
Labels
enhancement New feature or request

Comments

@TolleyLikesRice

Terms

  • This request is not a duplicate of an existing feature
  • I have provided as much information as I can about the new feature.

Summary

The ability to enter ports such as 3000-4000/tcp since it's much better than 3000/tcp,3001/tcp,etc. This would also need to be followed up with support for specifying one IP for this range.

Motivation

Why are we doing this?

To make it a lot faster to do lots of ports.

What use cases does it support?

Game server panels, or other applications which require a large range of ports

What is the expected outcome?

Entering ranges of ports

Potential conflicts / foreseeable issues

None that I can think of

Additional Context

I've had to do it manually for only 100 ports with both protocols (so 200 entries) and it took a while, would be much nicer to just deal with 2 entries (one per protocol)

@TolleyLikesRice TolleyLikesRice added the enhancement New feature or request label May 2, 2022
@TolleyLikesRice
Author

Conflict, on the VPS side, having too many ports in the PREROUTING bot causes a "too many ports" error in iptables
image

@mochman
Owner

mochman commented May 2, 2022

I implemented this a few versions ago, but I apparently forgot to put it in the docs. You should be able to put in 3000:4000/tcp in the Oracle script and it will add the rules to iptables and ufw respectively. If that doesn't work, can you let me know. Thanks.

@TolleyLikesRice
Author

Hmm, using 80/tcp,443/tcp,8080/tcp,2022/tcp,6900:7000/tcp,6900:7000/udp causes everything to stop working, however 80/tcp,443/tcp,8080/tcp,2022/tcp works just fine. The script shows no errors, just all requests time out. Using the same IPs for the destinations and everything.

@TolleyLikesRice
Author

TolleyLikesRice commented May 3, 2022

Actually, not a timeout. Uptime Kuma reports an EHOSTUNREACH with a few connection refuses too

@mochman
Owner

mochman commented May 3, 2022

I just tested this out with my setup and one of the ports in the block. It works for me. What does the PostUp section of your /etc/wireguard/wg0.conf file on the VPS look like?
Are you using Oracle Cloud? Did you open up those ports in the Ingress Rules of your network?
What does sudo ufw status on your VPS say about those ports?

@TolleyLikesRice
Author

Sorry for the delay

UFW:
image

All ports open in Oracle Cloud (I think)

VPS wg0.conf

PostUp = iptables -t nat -A PREROUTING -p tcp -i enp0s3 --match multiport --dports 80,443,8080,2022,6900:7000 -j DNAT --to-destination 10.1.0.2
PostUp = iptables -t nat -A POSTROUTING -o enp0s3 -j SNAT --to-source 10.0.0.38
PostUp = iptables -t nat -A PREROUTING -p udp -i enp0s3 --match multiport --dports 6900:7000 -j DNAT --to-destination 10.1.0.2;

PostDown = iptables -t nat -D PREROUTING -p tcp -i enp0s3 --match multiport --dports 80,443,8080,2022,6900:7000 -j DNAT --to-destination 10.1.0.2
PostDown = iptables -t nat -D POSTROUTING -o enp0s3 -j SNAT --to-source 10.0.0.38
PostDown = iptables -t nat -D PREROUTING -p udp -i enp0s3 --match multiport --dports 6900:7000 -j DNAT --to-destination 10.1.0.2;

Now all ports are broken, whereas if I don't have port ranges but everything else, it's just fine
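
An added example, not part of the thread or of the project's script: the multiport match used in the PostUp lines above accepts at most 15 port slots per rule, with a range such as 6900:7000 counting as two, which is the limit behind iptables' "too many ports" error. The sketch below validates a port list in the thread's format and prints one PREROUTING DNAT rule per chunk that fits; `build_rules`, `valid_port` and `flush` are hypothetical names, and the interface and destination are whatever the caller passes.

```shell
#!/bin/sh
# Added example (not the project's script): expand a port spec such as
# "80/tcp,6900:7000/udp" into DNAT rules, one multiport rule per chunk.
MAX_SLOTS=15  # iptables multiport holds 15 ports; a range a:b counts as two

valid_port() {
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
  [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# build_rules SPEC IFACE DEST -> prints the rules, or exits 2 on a bad entry.
# The body is a subshell so the IFS and noglob changes stay local.
build_rules() (
  spec=$1 iface=$2 dest=$3 out=""
  set -f; IFS=,
  flush() {  # close the current chunk into one rule
    [ -n "$list" ] || return 0
    out="${out}iptables -t nat -A PREROUTING -p $proto -i $iface --match multiport --dports $list -j DNAT --to-destination $dest
"
    list="" slots=0
  }
  for proto in tcp udp; do
    list="" slots=0
    for entry in $spec; do
      ports=${entry%/*}
      case "$entry" in
        */tcp|*/udp) ;;
        *) echo "bad protocol: $entry" >&2; exit 2 ;;
      esac
      case "$ports" in
        *:*) lo=${ports%%:*} hi=${ports#*:} cost=2
             valid_port "$lo" && valid_port "$hi" && [ "$lo" -le "$hi" ] ||
               { echo "bad range: $entry" >&2; exit 2; } ;;
        *)   cost=1
             valid_port "$ports" || { echo "bad port: $entry" >&2; exit 2; } ;;
      esac
      [ "${entry##*/}" = "$proto" ] || continue
      # Start a new rule when this entry would overflow the current one.
      [ $((slots + cost)) -le "$MAX_SLOTS" ] || flush
      list="${list:+$list,}$ports" slots=$((slots + cost))
    done
    flush
  done
  printf '%s' "$out"  # nothing is printed unless every entry validated
)
```

The function only prints rules and never calls iptables, so its output can be reviewed before it is placed in wg0.conf.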
