I’ve been able to set up sending and listening to http requests locally using 127.0.0.1:8000. I want to try doing it using the internet now.
I have a VPN with port forwarding enabled, but sending requests to that IP address and port does not yield a response like it did when doing it locally.
Can anyone clarify which address I should be listening on in order to receive http requests from the internet? I tried 0.0.0.0 and a few inet addresses from ip add, but none of them work.
You must log in or register to comment.
I disagree with all the “Wat r u doing?? No, study for a year before you try anything!!” Yes, it’s a bad idea to have an http server able to receive requests from anyone on the net if you don’t know what you’re doing, because there are people scanning public services looking for things to hack all the time, and you could have everything on your computer compromised. But if you’re trying to just understand how it works, I think it helps the knowledge to click to make a thing do what you want. Eventually you can get your opnsense router and set up a separate vlan for your new homelab server and all that jazz, and then actually leave your http service running for the world to try to hack.
If a port checking tool says your port is open for soulseek, then the port forwarding of your vpn is working for that port. Idk what vpn provider you have, but all the ones that I’ve used with a port forward have only allowed me to have one random high-numbered port at a time. I’m assuming you have a way to find out what that port is and then configure soulseek to listen on it. You should be able to have your http service bind to 0.0.0.0:(that port), and it will work just like soulseek does. You can’t do this while ss is listening on that port, because only one thing can listen on a port at a time.
Btw, I’m new to lemmy. How tf do you reply to a comment in the web app on mobile? I accidentally downvoted you trying to figure it out lol
Assuming your vpn provides a stable remote IP, your client connection needs to use that. Try “whatsmyip” or similar over the vpn. The remote address almost certainly won’t appear in the local output of
ip a.Locally, listen on the “this host”, 0.0.0.0.
You may need to check your firewall locally.
You don’t need to run your http service to troubleshoot - simple tools like netcat can listen for incoming requests -
nc -l 0.0.0.0 8000or what-have-you.Finally: you might want to look at using a shell host as the client rather than targeting your vpn ip from your local host, just to take hairpin connections out of consideration when troubleshooting.
Ok, you are putting the cart a few steps before the horse here and put simply, you can’t just tap the entire Internet from behind your own Internet connection and “through” a VPN. (A VPN “tunnel” is a bit misleading on how traffic is seen in the wire, but that is still many more steps ahead.)
Watching pcap is cool, but you need a fundamental understanding of networks and network protocols before you can actually see more than characters of the Matrix and understand what you are tapping into from the start.
To kick off your own research path, start reading into the OSI Model, TCP vs UDP, traffic routing and subnetting. You need to understand where you need to be to see the traffic you want to see first.
Unfortunately, I can’t begin to answer your question without some foundation in place first.
So, you don’t know how to listen for an HTTP request that’s sent over the internet to a VPN IP address with port-forwarding enabled?
They are telling you that you need to learn some more networking before you do anything.
There is no reason to expose a http server on the internet
There is no reason to expose a http server on the internet
Lolwut.
…what are you trying to do? There is no “listening” for http from the internet unless someone is explicitly sending something to/through you.
It is listening but it needs stuff to come to it.
Right, so are you sending anything, or how have you redirected traffic to it?
In unicast traffic is sent to the network interface when it matches the IP. In a layer 2 lan this is done by using ARP to query the Mac associated with the IP. When traffic gets routed in layer 3 it is done by subnet.
When a new packet is received the OS then will put the data into a buffer accessible by the application. When an application “listens” it is simply telling the OS that it wants to be the one to process incoming data on a particular IP and port.
With multicast, a client requests a particular IP be sent to it via IGMP packets.
your VPN probably has you on a nat.
Port forwarding works properly with soulseek. Is there some way to get around a nat, or could it be some other issue?
Soulseek can work behind NAT, you just can’t connect to everyone. It can appear working, but not actually be.
If you want to be sure, check if your soulseek port is actually open from the outside using something like this https://portchecker.co/
I know soulseek is working. It’s port-checking tool says my port is open and I can see my files being downloaded by other users.
Don’t do this as it is a very bad idea
What is the end goal?
