Andrey Kamynin, 2021-05-18 07:45:36
git

Why is GIT port forwarding not working?

[Solved]
Hello!

Can you please tell me what I didn't take into account (or what I'm doing wrong)?
We want to forward a port to the locally installed git with repositories through an intermediate host (proxy); that is the architecture.
Incoming port 443 is open on the proxy, port 2222 is open on GIT (on which git is running)
The connection string to git works from the local network: ssh://[email protected][local_ip]:2222/[gitcatalogPath]
I planned to make such a connection reachable from the Internet using port forwarding (connecting directly to git is impossible).

After applying the rules described below, access from outside does not work.
If you specify ssh, then:

ssh://[email protected][public_ip]:443/[gitcatalogPath]
Could not read from remote repository.


If you specify https, then:
https://[email protected][public_ip]:443/[gitcatalogPath]
unable to access 'https://[public_ip]:443/[gitcatalogPath]': Failed to connect to public_ip port 443: Timed out


My Firewalld Settings:
# Enable Masquerading
sudo firewall-cmd --zone=public --add-masquerade
# Add Port Forwarding
sudo firewall-cmd --permanent --zone=external --add-forward-port=port=443:proto=tcp:toport=2222:toaddr=[local_ip]


Settings:
firewall-cmd --permanent --list-all --zone=public
public
  target: default
  icmp-block-inversion: no
  interfaces:
  sources:
  services: cockpit dhcpv6-client http https ssh
  ports:
  protocols:
  masquerade: no
  forward-ports:
        port=443:proto=tcp:toport=2222:toaddr=[local_ip]
  source-ports:
  icmp-blocks:
  rich rules:


Based on this, I ask for advice:
1. What did I miss?
2. Is there an additional option to enable port forwarding in CentOS, like in Debian-like systems?

UPD: Solved.
I'm a fool myself)
1. CentOS 8.3 with firewalld does not need the forwarding setting sysctl -w net.ipv4.ip_forward=1 (at least in my case, but I think someone who does this themselves can turn it on; as far as I understand, there can be troubles because of it too).
2. Moved the interface and the rules to the external zone.
3. Just in case, I set the external zone as the default (but this is not necessary).
4. My eyes glazed over: I had specified the wrong IP of the server with Git.
After these edits, access to the repository was obtained from an intermediate host. Hooray!
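
An added example, not part of the original post: a check over `firewall-cmd --list-all` output for the conditions the fix above touched, namely that the zone holding the forward rule has an interface or source bound to it and that masquerading is on in that same zone. The function name `check_forward_zone`, the address 192.0.2.10 and the interface `eth0` are constructed for illustration, and the check assumes, as in the post's setup, that masquerading is wanted alongside the forward rule.

```shell
#!/bin/sh
# Constructed sample shaped like the listing in the post: the zone carries the
# forward rule, but no interface is bound to it and masquerade is off.
SAMPLE_BROKEN='public
  target: default
  interfaces:
  sources:
  services: cockpit dhcpv6-client http https ssh
  masquerade: no
  forward-ports:
        port=443:proto=tcp:toport=2222:toaddr=192.0.2.10'

# Constructed sample of a zone after the fix: interface bound, masquerade on.
SAMPLE_FIXED='external (active)
  target: default
  interfaces: eth0
  sources:
  services: ssh
  masquerade: yes
  forward-ports:
        port=443:proto=tcp:toport=2222:toaddr=192.0.2.10'

# check_forward_zone PORT
# Reads one zone listing on stdin, prints one finding per line ("ok" if none)
# and returns 0 only when the zone is bound, masquerades and forwards PORT/tcp.
check_forward_zone() {
    awk -v port="$1" '
        # A zone only sees traffic if an interface or source is assigned to it.
        $1 == "interfaces:" || $1 == "sources:" { if (NF > 1) bound = 1 }
        $1 == "masquerade:" { masq = ($2 == "yes") }
        # Forward rules are listed as port=N:proto=P:toport=M:toaddr=IP.
        index($1, "port=" port ":proto=tcp:") == 1 { fwd = 1 }
        END {
            if (!bound) { print "no-interface-or-source"; bad = 1 }
            if (!masq)  { print "masquerade-off"; bad = 1 }
            if (!fwd)   { print "no-forward-rule-for-port-" port; bad = 1 }
            if (!bad) print "ok"
            exit bad + 0
        }'
}

# Run the check over both constructed listings.
for listing in "$SAMPLE_BROKEN" "$SAMPLE_FIXED"; do
    printf '%s\n' "$listing" | check_forward_zone 443 || true
done
```

On a live host the same function can be fed from `firewall-cmd --list-all --zone=external`, run both with and without `--permanent` to see whether the runtime and saved configurations agree.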
