Localhost website not accessible from Public IP despite port forwarding

My tiny office has 1 router, which is connected to ADSL line on one end and my laptop on other end. In office, laptop’s local IP is 192.168.1.2.

On office router, I have setup port (22) forwarding for SSH access. I also have DuckDNS script that allows me to ssh -v -t -L 5900:localhost:5900 myname.duckdns.org into my office laptop whenever I want.

I followed the same port-forwarding procedure to configure my router to forward Port 8082 to 192.168.1.2 (TCP, WAN interface is pppoe2). I ran a python/nodejs http server listening on 0.0.0.0:8082.

If I try to access my newly spun server from public IP I get timeout. This is the problem. I can SSH into my remote machine, but website hosted on it doesn’t work

Steps tried:

I take remote desktop of office laptop (using port 5900 for x11 forwarding) and find that firefox can open localhost:8082, 127.0.0.1:8082 and 192.168.1.2:8082 properly.

I tried shutting down extra services like gogs and nginx (which was listening on port 80 even though I didn’t tell it to) via systemctl, but still no luck.

Further, curl http://PUBLIC_IP:8082 gives different outputs:

  1. At home, in my Cmder I get curl: (7) Failed to connect to PUBLIC_IP port 8082: Timed out
  2. However, in SSH terminal (i.e. of remote machine), I get curl: (7) Failed to connect to PUBLIC_IP port 8082: Connection refused

Why is connection refused?

Thanks to @davidgo, I tried

$   sudo tcpdump -vv -i enp7s0 | grep 8082 tcpdump: listening on enp7s0, link-type EN10MB (Ethernet), capture size 262144 bytes 

If I curl localhost:8082 or 192.168.1.2:8082 I see 200 on server logs but I don’t see any output in the above command.
But if I curl PUBLIC_IP:8082 from

  1. inside SSH session I get
    duckDNSsubDomain.40626 > abts-north-dynamic-031.P3.P2.P1.airtelbroadband.in.8082: Flags [S], cksum 0x469a (incorrect -> 0x84f5), seq 18095393, win 64240, options [mss 1460,sackOK,TS val 2474578357 ecr 0,nop,wscale 7], length 0     abts-north-dynamic-031.P3.P2.P1.airtelbroadband.in.8082 > duckDNSsubDomain.40626: Flags [R.], cksum 0x8cea (correct), seq 0, ack 18095394, win 0, length 0 

and a quick connection refused complain by curl (BTW my public IPv4 looks like P1.P2.P3.31.

  1. And if I do the same curl from my home computer I see
    157.32.251.70.50664 > duckDNSsubDomain.8082: Flags [S], cksum 0x299d (correct), seq 132055921, win 64240, options [mss 1370,nop,wscale 8,nop,nop,sackOK], length 0     157.32.251.70.50664 > duckDNSsubDomain.8082: Flags [S], cksum 0x299d (correct), seq 132055921, win 64240, options [mss 1370,nop,wscale 8,nop,nop,sackOK], length 0     157.32.251.70.50664 > duckDNSsubDomain.8082: Flags [S], cksum 0x299d (correct), seq 132055921, win 64240, options [mss 1370,nop,wscale 8,nop,nop,sackOK], length 0     157.32.251.70.50664 > duckDNSsubDomain.8082: Flags [S], cksum 0x299d (correct), seq 132055921, win 64240, options [mss 1370,nop,wscale 8,nop,nop,sackOK], length 0     157.32.251.70.50664 > duckDNSsubDomain.8082: Flags [S], cksum 0x299d (correct), seq 132055921, win 64240, options [mss 1370,nop,wscale 8,nop,nop,sackOK], length 0  

and curl fails with timeout.

Now I am guessing my ISP doesn’t like random ports. So I tried hosting my webserver on port 80. Again, localhost and 192.186.1.2 work as expected but http://PUBLIC_IP:80/ opens up router control panel 🙁

So I try hosting it on a well-known port that’s not 80 or 443. I choose 21 (FTP), use sudo to run webserver listening on 0.0.0.0:21 but firefox/chrome don’t let me open it and curl hangs for a while before failing with a timeout.

/wp-admin not accessible after migrating to local host (no plugin issue)

I migrated my local WordPress site to my WPEngine account and it’s been working without any problem!

After adding some content, I decided to export the database from the live version and import it to my local version so that they are synced. I adjusted the two siteurl and home fields in the database and the home page (https://localhost:8888) comes up well but the /wp-admin page is forced to https and responds with ERR_SSL_PROTOCOL_ERROR error.

All the other pages of the website cannot be loaded and return this error: Not Found The requested URL /news was not found on this server.

It seems like a "permalinks" reset problem for inner pages!

All these problems would go away if I switch the database back to the one I was using for local version so I’m pretty sure it’s a database issue!

Thanks

Is secureboot of any use if I keep my private key in a root accessible file?

According to the Debian wiki on SecureBoot,

This removes the risk of userland malware potentially enrolling new keys and therefore bypassing the entire point of SB.

So SecureBoot stops users from installing keys without UEFI confirmation (outside of the OS) and verification with a passcode. That makes sense.

However, nothing there ever says to remove the key so root doesn’t have access to it. Does SecureBoot serve any purpose if I keep my private key in a root-accessible file?

How to make code examples accessible in a document?

I’m creating a MS Word document (and will probably convert it to PDF later on) for a visually impaired programming student.

I’m following all the guidelines about text semantics, like correctly using headers, paragraph, tables, avoiding blank lines, etc. But I don’t know what to do when it comes to code examples. I’m particularly using Python for this document, so not only there are code snippets but also interpreter examples, including the “>>>” symbols. What’s the best way to add these in my document? Should I enclose these examples in a table containing just one cell, and then adding a title to the table along the lines of “this is a code example:”? Should I add line numbers? Any other markup that I should add?

How can I make terminal UIs accessible?

I am looking for resources (software, studies, documentation) to help inform design decisions for making command line utilities accessible.

Most of the programs I work on are command-line utilities. Many are non-interactive, but the more complex ones are “TUIs” or terminal UIs.

These TUIs have features such as tabs, interactive navigation, progress bars, key bindings etc..

I am not familiar with adaptive software for terminals (is there an equivalent of a screenreader?) and therefore am not sure how these types of TUI features may impact users with vision or motor impairments.

Set-PnPGroupPermissions library still accessible

I want to break inheritance to a library and then remove members and visitors group. The code below works apart from the fact the library is still accessible but the content is not. The Quick launch also shows the link to the library, but no documents are visible. When I use the UI to break inheritance and remove the said groups, the library is not visible, so can’t see why the code is not doing the same. Any ideas please?

# Break permissions inheritance for the library $  list.BreakRoleInheritance($  true, $  true) $  list.Update() $  list.Context.Load($  list) $  list.Context.ExecuteQuery() Write-Host -ForegroundColor GReen "Unique permissions set on library" $  listTitle  # Remove Member and Visitor Groups foreach ($  y in $  SiteGroups) { #$  MemberGroup = $  title + " Members" #$  VisitorGroup = $  Title + " Visitors"     if ($  y.loginname -like "*Members") {         $  SiteMembers = $  y.loginname         Set-PnPGroupPermissions -Identity $  SiteMembers -List $  listTitle -RemoveRole "Contribute" -ErrorAction silentlycontinue         Write-Host -ForegroundColor Green "Member Group removed!"     }     If ($  y.loginname -like "*Visitors") {         $  SiteVisitors = $  y.loginname         Set-PnPGroupPermissions -Identity $  SiteVisitors -List $  listTitle -RemoveRole "Read" -erroraction silentlycontinue         Write-Host -ForegroundColor Green "Visitor Group removed!"     }  }        

Is Progressive Web Apps accessible only from mobile, how to deploy

Hey guys,

Have you ever heard about Progressive Web Apps? I just hear about it today and I scoured every web corner to understand what it is. The information is so scant.

All I know is it's standalone app on the web and accessible via mobile.

The example of this feature is https://www.washingtonpost.com/pwa/

It cannot be accessed via desktop. Data on the web seems to fetch instantly once you tap on the link.

Do you have any idea how to they deployed it.

Thanks,

nautilus/nemo/other file manager – suggestions for more accessible GUI-based owner management?


Short version

TL;DR – When running nemo/nautilus with elevated privileges*, there are a TON of users/groups on the permissions tab… they’re all jammed in non-searchable drop-downs that don’t have any hotkey support. Looking for tweaks/alternate file managers/chmod gui-wrappers so I can change ownership from GUI without the accessibility nightmares. Any suggestions?


More Info

I have several versions of Ubuntu 18.04 installed in Virtualbox. I have primarily been using Cinnamon desktop/nemo up to this point.

Mostly, I am extremely happy with this desktop. But GUI-based ownership changes (from root) are frustrating because a TON of entries are jammed into a drop-down that I can’t search and can’t use hotkeys from (e.g. to press “r” to jump to “root”, etc). Launching terminal is reliable but slow to type out names when I’m in a hurry.

Note: That this isn’t really an issue when running the file manager from non-root accounts as the owner is not editable and only a few groups are displayed.

I generally run into this I am trying to fix botched ownership perms on shared folders that the current user doesn’t own. And it’s generally never as quick and easy as running a single chown -R command.

I have encountered this same accessibility design in:

  • nemo v.3.6.5 (ubuntu 18.04/gnome+cinnnamon)
  • nemo v4.2.3 (in a popular sub-distro that I’m apparently no longer allowed to mention here)
  • nautilus v3.26.4 (ubuntu 18.04/gnome).

Criteria:

I am interested in finding a GUI-based solution that meets these criteria:

  • Works on some flavor of Ubuntu 18.04 / bionic (bc I prefer LTS editions)
  • Decent user accessibility for lists of 50-100 users/groups (e.g. at least attempts to deal with non-trivial list size such as by having hotkey support, search filters, option to hide service accounts, or something else)
  • No issues running under root (e.g. via pkexec or whatever). Only mentioning this because I’ve run across a handful of apps before that flat-out refuse to run under root.

At this point, I’m just hoping somebody knows of an option that I don’t… I don’t particularly care if this is a nemo-specific tweak, a system configuration, some obscure build option, a different file manager/desktop environment, some external app that wraps a gui around chown (as long as I can throw it in a nemo-action and pass it the path), etc. Mostly just looking to avoid the extra runaround of launching terminal and typing out longer names by hand when I’m in a hurry.

* Also, when I say I am “running as root” / “running with elevated privileges”, I mean the option that appears in the nemo/nautilus UI rather than me launching directly with sudo / pkexec / etc.


Steps to view dialog issue:

  1. Create a folder named “test” on desktop or wherever that is owned by non-root account
  2. In Nemo, right-click > “Open as root” > enter password. Or for nautilus, run pkexec env DISPLAY=$ DISPLAY XAUTHORITY=$ XAUTHORITY nautilus to open with admin privileges.
  3. With the admin instance, right-click on the “test” folder > Properties > Permissions tab
  4. Observe that ALL the service accounts and groups are displayed with no means to filter them / no checkbox to hide them. Observe that pressing “R” in the drop-down does NOT jump to or select “root” (or whatever the first account starting with “R” is). In my case there’s something like 50 users displayed (3 of which are non-service accounts) and something like 80 groups displayed (8 of which are not related to service accounts). For me, this is an accessibility nightmare and it makes searching things out almost as painful as needing to launch the terminal and type it out by hand.

What I’ve tried:

I’ll follow-up if I find discover anything that works but so far, I have tried the following:

  • Permit was almost exactly what I am looking for except that it appears to require typing out the names instead of picking from a list/drop-down/etc. Unfortunately, I have absolutely zero GTK skills at the moment (although I might revisit this when I have more time if nobody has better suggestions).
  • Ubuntu 18.04.2/gnome – Couldn’t figure out how to run as root initially but pkexec env DISPLAY=$ DISPLAY XAUTHORITY=$ XAUTHORITY nautilus eventually worked. Not surprisingly, this seems to have the same issue as nemo.
  • Ubuntu 18.04.2/cinnamon – after installing cinnamon and running nemo as mentioned above, this doesn’t do what I am looking for.
  • Kubuntu 18.04 – Couldn’t find a way to launch dolphin as root so not able to test. User/Group fields were grayed out for me when running as the default non-root account on livedisc.

I have not yet tested other file managers (planning to test thunar but not really familiar with what all is out there).


Screenshot

The non-searchable drop-down with lots of entries and no hotkey support that appears in (admin/root/pkexec) nemo and nautilus > properties > Permissions tab.

Non-searchable drop-down with lots of entries and no hotkey support

LXD Container not accessible from other LAN machines

I am new to Linux world and I tried everything I can think off to solve this problem but stuck since so many days. My LXD container is not able to accessible from my LAN.

I tried followings: https://ubuntu.com/blog/converting-eth0-to-br0-and-getting-all-your-lxc-or-lxd-onto-your-lan https://openschoolsolutions.org/set-up-network-bridge-lxd/ https://discuss.linuxcontainers.org/t/slow-performance-with-nested-bridged-interface/4334 https://blog.simos.info/how-to-make-your-lxd-containers-get-ip-addresses-from-your-lan-using-a-bridge/ https://thomas-leister.de/en/lxd-use-public-interface/

but no help ! Something is wrong and I am not able to make it correct. Any help would be appreciated !!

if I use only bridged profile somehow my container don’t even get the IP, when I do lxc list ipv4 and ipv6 column are blank. I tried to change the container netplan configuration with below and container takes the IP but not able to ping 8.8.8.8 or accessible from host machine.

network: ethernets: eth0: addresses: – 171.17.139.97/28 dhcp4: false gateway4: 171.17.137.81 version: 2

Note – I am using Hyper-V manager and having window 10 host with ubuntu vm 18.04 created by using quick menu.

Thanks