What's new

Scriptable port forwarding

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

natenate

New Around Here
I run a number of services in my network which I access from outside of my home in a cluster of RaspberryPis. The entire architecture is automated using Consul for service discovery and Traefik as a reverse proxy. The only weak link in my high availability setup is port-forwarding ports 80 and 443 from my RT-AC68U running Asuswrt-Merlin which requires a manual change if the node running my reverse proxy ever changes. My preferred architecture would provide high availability by having the internal IP address of the port forward update automatically if the node running Traefik changes by querying the Consul service catalog.

Is it possible to script updates to the port forwarding table?
 
Is it possible to script updates to the port forwarding table?
Here is a crude script PortForward.sh which was designed to be used during the BOOT process for bulk uploading of Port Forward rules to circumvent the v384.xx NVRAM size restriction

It is probably overkill, but you should be able to extract the single line that physically deletes/creates the actual iptables rule

A user defined file containing the desired new Port Forwards

e.g. demonstrate adding two Port Forward rules 33380/33381 for two NAS apps
Code:
# Service Name    Source IP    Port Range    Local IP    Local Port    Protocol

#Dummy TCP Service,,12345,192.168.1.99,8081,TCP
#Dummy UDP Service,,54321,192.168.1.88,30088,UDP
#Dummy ? Service,,20077,192.168.1.77,20077,
#INVALID Service,,12345,192.168.1.66,20066,wot
#Both TCP/UDP Service,,55555,192.168.1.55,20066,both
#FROM TCP Service,192.168.99.500,44444,192.168.1.44,44444,tcp

Photo Station DS-416,,33380,192.168.1.197,80,tcp
<Photo Station DS-110J>>33381>192.168.1.195>80>TCP
 
@Martineau thank you for pointing me in that direction. That looks like exactly what I'd need. When I get the final script up and running I'll link it for posterity.
 
Last edited:

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top