All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Working With PORTS in a NAT VPS
You have been assigned a range of 20 ports on your Shared (NAT) IPv4 address and 1 extra forwarded port for SSH. The first 20 ports are based on the last octet of your internal IP, you can use these for anything you want, examples below: example: 192.168.1.10 has the following port range usable: 1001-1020 example: 192.168.1.253 has the following port range forwarded: 25301:25320
This is the instruction I received via my provider.
My Internal IP: 192.168.1.23
My Public IP: 104.28.223.111 (Eg)
What I'm trying to do is to run a socks5 server (Danted) . At beginning I used port '1080' and try to access it via 231080 failed*. Then I tried with port '06' and access it with 2306 failed. Any idea how could I proceed further.
*failed means I couldn't access it from outside
Script I used to setup Danted
`#!/bin/bash
echo -e "Please enter the username for the socks5 proxy:"
read username
echo -e "Please enter the password for the socks5 proxy:"
read -s password
Update repositories
sudo apt update -y
Install dante-server
sudo apt install dante-server -y
Create the configuration file
sudo bash -c 'cat < /etc/danted.conf
logoutput: /var/log/danted.log
internal: 0.0.0.0 port = 1080
external: eth0
method: username none
user.privileged: root
user.notprivileged: nobody
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect disconnect error
}
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect disconnect error
}
EOF'
Add user with password
sudo useradd --shell /usr/sbin/nologin $username
echo "$username:$password" | sudo chpasswd
Check if UFW is active and open port 1080 if needed
if sudo ufw status | grep -q "Status: active"; then
sudo ufw allow 1080/tcp
fi
Check if iptables is active and open port 1080 if needed
if sudo iptables -L | grep -q "ACCEPT tcp -- anywhere anywhere tcp dpt:1080"; then
echo "Port 1080 is already open in iptables."
else
sudo iptables -A INPUT -p tcp --dport 1080 -j ACCEPT
fi
Restart dante-server
sudo systemctl restart danted
Enable dante-server to start at boot
sudo systemctl enable danted`
Comments
Your usable ports are 2301 to 2320.
23 from the internal IP address and 01 to 20 is added to it. Yes, the description could have been better.
Update the ports on your service to be somewhere between 2301 and 2320 and you should be able to access it using the external IP and the same port.
Being that I don't use nat, I understand the confusion, so basically if I got it right, the 1080 port needs to be changed to a port between 2301 and 2320 and your firewall rules as well. I hope
I tried using port '2306' but failed though
Dante is running on port 2306
sudo netstat -tulnp | grep 2306 tcp 0 0 0.0.0.0:2306 0.0.0.0:* LISTEN 6777/danted
If your provider supports domain forwarding, you can use that to map an outside port, to the port that your socks5 proxy is bind to on your server.
If provider doesn't support that, you can use Cloudflare's origin rules and basically achieve the same.
And finally and obviously, you can bind your socks5 proxy server only to the ports that are available to you (25301 to 25320)
Did you open whichever firewall port #2306? Because if you did, then I have no idea why that isn't working for you
Somes times provider provides port mapping via control panel to you vps server. Check there port mapping is done correctly.
If it’s khanweb NAT server, try opening a ticket.
yup It's Khanweb
Check if the port is accessible from outside. To test with netcat, run the command
nc -l -p 2306
on the nat vps terminal and keep it listening on that port. Then runnc 104.28.223.111 2306
on the terminal of another machine and connect to the nat vps. Type some message like "Hello World" and see if it is displayed on the nat vps terminal. If it is displayed then the port is open, and it is not likely the cause of the problem. You should then move your troubleshooting to the dante configuration.I used https://www.yougetsignal.com/tools/open-ports/ to check whether port is open. yes It is indeed
so the issue might be in dante config, right ?
I tried as @air4x suggest while using port '2306' received port occupied error msg, then tried with '2305' works perfectly, message received other end.
Buying KhanWebHost's NatVPS confused me aswell. Felt like a puzzle but I eventually figured it out.
https://selivan.github.io/socks/
Tested and it works fine.
Just run
tcpdump -vni eth0
for a while and see on what ports random garbage hits your interface. These ports obviously work. If after a while still nothing has shown up just launch nmap either locally or on another host against every port from 1 to 65535 on the NAT IP.Tested and it works fine.
>
Thanks, It's working