this post was submitted on 28 Oct 2024
76 points (95.2% liked)

Selfhosted

40644 readers
827 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

For folks that are unable to port forward on the local router (eg CGNAT) I made this post on doing it via a VPS. I've scoured the internet and didn't find a complete guide.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 5 points 1 month ago* (last edited 1 month ago) (1 children)

Hey, great post. I have one request. Can you maybe add some description for what the iptables entries do? I have a similar setup with a lot less iptables rules that works well for me. But I'm not an expert in networking, and am now worried that I might be missing something that can leak my home IP.

[–] [email protected] 3 points 1 month ago (2 children)

Thanks for the feed back. I started out with that post I referenced in my article, which had fewer entries. It didn't work. Caveat was although the online port checkers were reporting the port as open, it was not actually making through the tunnel!

I actually solved it by asking chatgpt!! I put in the suggestions and it worked. I'm also no expert on creating iptables, but once it was in place it seemed self explanatory.

I ran netcat as client-server to test it actually worked.

[–] [email protected] 4 points 1 month ago (2 children)

Idk man, it seems pretty irresponsible to me to write a blogpost with stuff that you got from ChatGPT without understanding it. People will assume that if you wrote a blogpost on this then you know what you're doing. ChatGPT gets stuff wrong all the time, and we're talking about firewall configuration here. If it misconfigured some stuff it could leave you and your readers vulnerable to all kinds of shit.

In this case it seems to me that (luckily) there's just a bunch of redundant routing, but the next time it could be leaking your and your readers' torrent traffic out of the VPN tunnel, leaving you vulnerable to legal repercussions for piracy.

Please don't authoritatively post stuff that you got from the automatic bullshit generator without understanding it.

[–] [email protected] 1 points 1 month ago

I understand what you mean. It's become a habit of mine lately, and I learn lots in the discussion to.

In my defence I did run some tests and confirm it's functioning.

[–] [email protected] 0 points 1 month ago (1 children)

I understand what you mean. It's become a habit of mine lately, and I learn lots in the discussion to.

In my defence I did run some tests and confirm it's functioning.

[–] [email protected] 3 points 1 month ago

Look at the very least you should write in the blogpost clearly which parts are generated by LLMs, so your readers can decide whether to trust them.

[–] [email protected] 3 points 1 month ago* (last edited 1 month ago)

I took a look at it. From what I understand, some of the lines in your setup are redundant. The final product seems to do basically the same job as mine. In any case, if it works, it works.