Hosting PHPBB behind router on a local network

Do not post support requests, bug reports or feature requests. Discuss phpBB here. Non-phpBB related discussion goes in General Discussion!
Suggested Hosts
Post Reply
Privet
Registered User
Posts: 13
Joined: Sun Dec 30, 2001 10:12 pm
Location: USA, Redmond, WA
Name: Boris Zverev
Contact:

Hosting PHPBB behind router on a local network

Post by Privet » Mon Oct 29, 2018 12:02 am

I used to host (more than 20 years) my board https://forum.privet.com on a separate static IP address but some time ago I decided to reduce my expenses for forum and ordered just one static IP from provider. This address was assigned to my router (Netgear R8000 under LEDE OpenWrt 18.06.1). Forum was moved to a local network. Yes I am hosting forum at home.
Since then I found myself in a trouble. Some forum security features worked incorrectly, customers could not even see youtube videos in a posts but the most annoying was - all posts were coming from one IP - local IP of my router. I resolved some urgent problems but still it was not a final solution.
I tried to google solution but unfortunately I could find only similar questions. May be solution is obvious for network administrators but not for me. Finally I found solution that works for me. In fact it is quite simple.
After ports forwarding setup using OpenWrt web form you may find these settings in your /etc/config/firewall file:

Code: Select all

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option masq '1'              <---- remove
	option network 'lan'
	
config zone
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option masq '1'
	option mtu_fix '1'
	option forward 'ACCEPT'  <--- change to REJECT
	option network 'wan'

...

config redirect
	option name 'http'
	option src 'wan'
	option proto 'tcpudp'
	option src_dport '80'
	option dest_ip '192.168.1.2'
	option dest_port '80'
	option target 'DNAT'
	option dest 'lan'

config redirect
	option name 'https'
	option src 'wan'
	option proto 'tcpudp'
	option src_dport '443'
	option dest_ip '192.168.1.2'
	option dest_port '443'
	option target 'DNAT'
	option dest 'lan'
...
192.168.1.2 if IP of a web server. Router 192.168.1.1 is programmed as it's gateway. To apply offered changes you'll need to run
/etc/init.d/firewall restart.

Now the web server receives original IPs and all forum's features work exactly as they worked when web server was connected directly to Internet with static IP.

Just interesting... is there any downside of this solutions?
Thanks.
Last edited by Privet on Mon Oct 29, 2018 9:38 am, edited 1 time in total.
Thanks,
Privet.

User avatar
AmigoJack
Registered User
Posts: 5390
Joined: Tue Jun 15, 2010 11:33 am
Location: グリーン ヒル ゾーン
Contact:

Re: Hosting PHPBB behind router on a local network

Post by AmigoJack » Mon Oct 29, 2018 8:15 am

I had the opposite problem: having a board inside a network and letting it access the internet (i.e. to check remote picture file dimensions). Could be solved rather easily by using PHP's stream-context-set-default() to let every HTTP(S) request use a given proxy.
The worst thing about censorship is ███████████
Affin wrote:
Tue Nov 20, 2018 9:51 am
The problem is probably not my English but you do not want to understand correctly.
...
We will not come anybody anyway, nevertheless, it's best to shit this.

Post Reply

Return to “phpBB Discussion”

Who is online

Users browsing this forum: Juro_ and 27 guests