Replies (23)
WTF, thatβs a huge attack vector against bitcoin if this is true!
no itβs just some stupid ISP stopping offering static IPs
View quoted note βyeah, this is giving me the opportunity to finally switch to a 3Gbps fibre connection with a proper business plan that guarantees a static ip. I just lucked out with the consumer static ip before I guess.
my ISP here offers static IP to consumers. otherwise you're CGNAT'ed
hosting on ISPs has always been a non reliable thing because of CGNATs. requiring an ISP business plan to run a routing lightning node is the real issue.
maybe ipv6 fixes this, maybe not
Damn, fuck Rogers then. Buncha greedy bastards.
looks like the buyout of shaw to rogers kicked us all off into cgnats without even asking. rogers fucking sucks so I'm switching to telus.
rogers are the biggest cunts of the canadian isps, always has been
Diteciona via dns para o Nosso por enquanto, sem problemas:
189.91.231.46
wss://internationalright-wing.org
Se o fizer nos chame, que fazemos o SSL funcionar.
nov 5th ouch, why not just spin up a wireguard reverse tunnel in the meantime?
interesting idea...
I've been pretty impressed by the latest wireguard features, or maybe it's the systemd-networkd integrations, but it manages the routes and masquerade for you. Recovers from network outages automatically and never have to touch it.
thanks for this idea. i use my wireguard for masquerading vpn connections, but never thought about setting up a persistent tunnel for a specific port. will try
I have been using
@Tunnelβ‘οΈSats for a year. Great service.
looks like the nixos config for this is pretty trivial
yeah, that's why I like it so much. It's such a clean config. Tho, yeah I just remembered you do have to setup DNAT, SNAT, and FORWARD yourself on the exit node, that's where you'll do the public ports -> wireguard interface..
Cheat sheet for ya:
wg_ip1=ip of your wg0 on the remote
wg_ip2=ip of your wg0 on local
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 9735 -j DNAT --to-destination $wg_ip2:9735
iptables -t nat -A POSTROUTING -o wg0 -p tcp -d $wg_ip2 --dport 9735 -j SNAT --to-source $wg_ip1
iptables -A FORWARD -i eth0 -o wg0 -d $wg_ip2 -p tcp --dport 9735 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -i eth0 -o wg0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i wg0 -o eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
I assume you have watched towers setup. π
awesome guide, that looks very similar to what i did
Remember, remember, the fifth of November
I'm the meantime switch your ln address so we can zap you.
should be working now
Works β
