cannot get node dns program to work externally

44 views
Skip to first unread message

Aaron Gray

unread,
Aug 7, 2017, 5:56:11 PM8/7/17
to debia...@lists.debian.org, nod...@googlegroups.com
Hi,

I have a node.js based dns program on port 53 and have it working as localhost on debian 8.5 but I cannot seem to get it to work externally despite getting the firewall rules right having tested them with Bind9.

-A INPUT -p udp --dport 53 --sport 1024:65535 -j ACCEPT
-A OUTPUT -p udp --sport 53 --dport 1024:65535 -j ACCEPT
-A OUTPUT -p udp --sport 53 --dport 1024:65535 -j ACCEPT
-A INPUT -p udp --dport 53 --sport 1024:65535 -j ACCEPT

-A OUTPUT -p udp --sport 53 --dport 53 -j ACCEPT
-A INPUT -p udp --dport 53 --sport 53 -j ACCEPT

Also I have done :-

    setcap cap_net_bind_service=+ep /usr/bin/nodejs

to allow node to work with ports less than 1024.

I have my node dns program working on port 53 UDP with dig from localhost but Basically not externally on the local network and cannot work out why ?

I have mainly been using :-


for testing.

Its probably something obvious hope someone can help !

--
Aaron Gray

Independent Open Source Software Engineer, Computer Language Researcher, Information Theorist, and amateur computer scientist.

Mikkel Wilson

unread,
Aug 10, 2017, 2:38:22 PM8/10/17
to nodejs, debia...@lists.debian.org
I haven't run this locally to test, but you appear to be binding only to the localhost address: https://github.com/tjfontaine/node-dns/blob/master/examples/forwarder.js#L10

This should exhibit the symptoms you mention and allow it to work on localhost and not on remote addresses. Change this from '127.0.0.1' to '0.0.0.0' to bind on all addresses and it should be available externally as well.

Mikkel

Aaron Gray

unread,
Aug 20, 2017, 5:35:08 PM8/20/17
to nod...@googlegroups.com, debia...@lists.debian.org
Mikkel,

Cheers ! Knew it had to be sometyhing simple. Stange that port 80 works with localhost 127.0.0.1 though ?

Aaron

--
Job board: http://jobs.nodejs.org/
New group rules: https://gist.github.com/othiym23/9886289#file-moderation-policy-md
Old group rules: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
---
You received this message because you are subscribed to the Google Groups "nodejs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nodejs+unsubscribe@googlegroups.com.
To post to this group, send email to nod...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/nodejs/ec063c84-9f7f-4c53-a18d-921e25ebf9ba%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Mikkel Wilson

unread,
Aug 29, 2017, 5:13:42 PM8/29/17
to nodejs, debia...@lists.debian.org
Aaron,

Listening to 127.0.0.1 and not on the other addresses would make this work on port 80 on localhost only. That's just how the TCP stack works. If you want to test this, find whatever your DHCP IP address is (`ifconfig en0`) and listen on that IP address. You should find that you can hit port 80 on that IP and not on localhost. Listening on 0.0.0.0 will listen on all available addresses on the host.

Best,
Mikkel
To unsubscribe from this group and stop receiving emails from it, send an email to nodejs+un...@googlegroups.com.

To post to this group, send email to nod...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/nodejs/ec063c84-9f7f-4c53-a18d-921e25ebf9ba%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages