-
Access From Custom Interface in 6.12
A workaround is to prevent the init scripts from generating access control configs. For sshd it can be done by adding this line to `/boot/config/go` sed -i '/build_ssh$/d' /etc/rc.d/rc.sshd Once again, I really don't like touching these init scripts because touching them always causes a lot of trouble for me... Please be careful in production environments and take your own risk. I'm not familiar with those http stuffs so sorry can't help with WebUI. Perhaps some SNAT trick would also work. Limetech, please just add a black list mode...
-
-
[6.12.4] Docker Creating Annoying ip rule and route
It looks like docker is creating a meaningless ip rule and a routing table for my server. root@unraid:~# ip rule 0: from all lookup local 32764: from all fwmark 0x29a lookup 666 32765: from 172.31.200.0/24 lookup 200 32766: from all lookup main 32767: from all lookup default root@unraid:~# ip route list table 200 default via 10.6.7.6 dev wg0 10.6.6.0/24 via 10.6.6.254 dev eth0 10.6.6.0/24 and 10.6.6.254 are my LAN subnet and gateway, and 10.6.7.6/24 is the subnet of wireguard. I remember this 172.31.200.0/24 subnet from a long time ago. It was a docker network named by wg0 followed by some hex. It never appeared again after I removed it, however these rule and table keeps appearing after reboot. I know it doesn't affect anything, but since I'm working with other ip rules and tables on my server this is really annoying... Is it possible to remove it forever?
-
Access From Custom Interface in 6.12
I just noticed the Interface Extra settings in Network Settings. However, adding `lo` to `Include listening interfaces` did not work. `Current listening interfaces` stays unchanged after clicking Apply. I was able to add the other custom interface to `Current listening interfaces`, but the traffic is still blocked. I guess this is because the interface is created by docker, and all config files were generated before the container started.
-
Access From Custom Interface in 6.12
I'm having some problems accessing my server after upgrading to 6.12.4 from 6.11.5. The server now rejects any ssh connection unless it's from eth or wiregurad, and the webui rejects any access unless it's from eth, wiregurad or localhost. I have some frp methods that are set up with docker, which makes the source sometimes looks like localhost or from some virtual interfaces. How should I enable the webui and sshd to listen on all interfaces? Modifying `/boot/config/ssh/sshd_config` doesn't seem to work because those listen addresses are restricted by `rc.sshd` when the service starts and I don't want to get my hands dirty with that script, at least not before getting advised to do so by a developer. Also, I didn't find how to configure the webui server.
chierinyan
Members
-
Joined
-
Last visited