Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Andrey Kamynin2021-05-18 07:45:36
git
Andrey Kamynin, 2021-05-18 07:45:36

Why is GIT port forwarding not working?

[Solved]
Hello!

Can you please tell me what I didn't take into account (or what I'm doing wrong)?
We want to ask the port to the locally installed git with repositories through an intermediate host (proxy) - such an architecture.
Incoming port 443 is open on the proxy, port 2222 is open on GIT (on which git is running)
The connection string to git works from the local network: ssh://[email protected][local_ip]:2222/[gitcatalogPath ] I
planned to achieve forwarding using port forwarding from the Internet of such a connection (directly to git is impossible).

After applying the rules described below, access from outside does not pass.
If you specify ssh, then:

ssh://[email protected][public_ip]:443/[gitcatalogPath]
Could not read from remote repository.


If you specify https, then:
https://[email protected][public_ip]:443/[gitcatalogPath]
unable to access 'https://[public_ip]:443/[gitcatalogPath]': Failed to connect to public_ip port 443: Timed out


My Firewalld Settings:
// Enable Masquerading
sudo firewall-cmd --zone=public --add-masquerade
// Add Port Forwarding
sudo firewall-cmd --permanent --zone=external --add-forward-port=port=443:proto=tcp:toport=2222:toaddr=[local_ip]


Settings:
firewall-cmd --permanent --list-all --zone=public
public
  target: default
  icmp-block-inversion: no
  interfaces:
  sources:
  services: cockpit dhcpv6-client http https ssh
  ports:
  protocols:
  masquerade: no
  forward-ports:
        port=443:proto=tcp:toport=2222:toaddr=[local_ip]
  source-ports:
  icmp-blocks:
  rich rules:


Based on this, I ask for advice:
1. What did I miss?
2. Is there an additional option to enable port-forwarding in Centos like in debianLike systems?

UPD: Solved.
I'm a fool myself)
1. Centos 8.3 with firewalld does not need the forward setting sysctl -w net.ipv4.ip_forward=1 (at least in my case, but I think someone who will do this himself can turn it on, as far as I understand, troubles and because of her).
2. Transferred the interface and rules to the external zone.
3. Just in case, I installed the external zone by default (but this is not necessary).
4. The eye blurred, indicated the wrong IP of the server with Git.
After these edits, access to the repository was obtained from an intermediate host. Hooray!

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

0 answer(s)
Similar questions
A
Andrey Svininykh2016-06-02 07:29:54
How to report on a Git repository? 5Reply
M
Mikhail Gavrilyuk2020-09-10 19:39:04
How to update local repository from remote server? 0Reply
B
bernex2014-04-16 06:05:41
Bitbucket (Github) - how to organize automatic deploy? 3Reply
P
Plant2016-06-03 10:44:42
Git, is it possible to attach remote changes to a project? 1Reply
T
Tuckson2020-09-12 13:12:43
How to remove 5000 items from source control? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question