It is currently Sat Sep 19, 2020 7:21 am
All times are UTC + 8 hours

Stop redirection of the 80 and 443 ports to 8000 and 8001

Got a feature request? Great! Post your ideas here!

Stop redirection of the 80 and 443 ports to 8000 and 8001

Postby luke_nukem » Wed Oct 24, 2018 3:48 pm

It seems there is a dedicated init service running and the Web UI calls a few functions in libservice to start a daemon named myhttpd with the sole purpose of redirecting the 90 and 443 ports when they are not being used by apache.

This is absolutely annoying and resulted in me having to stick a kludge in the docker init script to hunt and kill the processes using those ports before starting docker so that my container could use those ports.

It would be nice to be able to stop this redirection via an option in the ADM UI.
luke_nukem
 
Posts: 12
Joined: Wed Oct 24, 2018 6:08 am

Re: Stop redirection of the 80 and 443 ports to 8000 and 8001

Postby Faldorn » Tue Feb 18, 2020 7:28 pm

+1

Very annoying on my 5304T running ADM 3.4.6.RDF3
Faldorn
 
Posts: 3
Joined: Sun Feb 16, 2020 8:31 am

Re: Stop redirection of the 80 and 443 ports to 8000 and 8001

Postby april » Sun Mar 15, 2020 5:41 am

+1
I can't get the Traefik docker set up because of this.
april
 
Posts: 5
Joined: Sat May 04, 2019 5:20 am

Re: Stop redirection of the 80 and 443 ports to 8000 and 8001

Postby asustor » Wed May 13, 2020 12:47 am

1+ This is a must
asustor
 
Posts: 2
Joined: Tue May 12, 2020 7:11 pm

Re: Stop redirection of the 80 and 443 ports to 8000 and 8001

Postby davidaga » Sat Jun 20, 2020 5:00 am

Any update on this one? I would really like to be able to use port 80 and 443 Nextcloud.
davidaga
 
Posts: 2
Joined: Mon May 18, 2020 8:23 am

Re: Stop redirection of the 80 and 443 ports to 8000 and 8001

Postby father.mande » Sat Jun 20, 2020 3:29 pm

Hi,

Even nextcloud is exactly the type of application where docker add problems :roll: ... as in any case, when it's so easy to use directly nextcloud ... on N.A.S. (but it's not the subject and anyone do what he want on its own NAS) :lol:

You can ask Asustor and wait, or use workaround during time you wait for a response .
ex.
1 for customer not consumer : change docker to use macvlan and create a separate I.P. address (DHCP or fixed for a server) ... so port are now not shared by A.D.M. and applications in container.
... kernel module is provide by Asustor, need just to validate promiscuous mode and configure container network (simple except if you use docker without the minimum knowledge about it ... as a consumer)

2 for basic Linux admin : set Apache web server in N.A.S. to use port 80 and 443 (default) (so myhttpd server will be off)
... configure redirection (rewrite mode) as any proxy to localhost:port attributed to nextcloud (eventually to force moving to HTTPS only) ... this is documented in nextcloud

ANOTHER possibility is : stop using port 80 ... it's not secure EVEN connected in a docker container ... certificate are easy to get to use now only HTTPS ... then use a private port for nextcloud ... so only user able to know it can use it ... no reason to keep default except opening your NAS to any attack / malware / ransomware or data violation ...

Philippe.
AS5002T / AS202TE / AS1002T
My Blog specific to my APKG : https://blog.father-mande.ovh/
User avatar
father.mande
 
Posts: 1023
Joined: Sat Sep 12, 2015 2:55 am

Re: Stop redirection of the 80 and 443 ports to 8000 and 8001

Postby _evilpanda_ » Sat Aug 29, 2020 12:02 pm

I've tried the macvlan on docker method but even on a seperate IP it still triggers the httpd process to forward any port 80 queries.

At the moment I'm having to manually kill this process before I can install/activate an alternate web server - can anyone share some script ideas/workarounds etc that have been working for you in the meantime? Is there a way to kill this on docker init? If so, could anyone help a noob like myself on how to set this up as a script?

And is there anywhere else we can request this feature from Asustor? Seems like a lot of people have had problems with this issue (for years) and it hasn't really progressed. It shouldn't be unreasonable for users to want to use an alternate to the ADM web server given things like Docker etc.
_evilpanda_
 
Posts: 1
Joined: Sun Jul 05, 2020 3:44 pm

Re: Stop redirection of the 80 and 443 ports to 8000 and 8001

Postby father.mande » Sat Aug 29, 2020 4:56 pm

Hi,

I can't help you (I don't use docker) ... I can only speak about macvlan, because I use it in a container (build with kernel namespace as docker initially but without hidden things)
macvlan generate a different I.P. and a different host configured using namespace net and uts .
... so it's like a sort of virtualization more independent that current namespace (pid, mnt, ipc, pid_for_children, etc.) NOT all used by docker in basic configuration

if an application run in a container with separate MAC Address (macvlan) and separate net and hostname ... the port list is attached to the container and NOT and TOTALLY different of port used in A.D.M.
... so calling nextcloud using the I.P. generate in container and with port 80 (free in container if you don't launch another server) CAN'T ACCESS THE A.D.M. port list even port 80 is in used.
... AND this work as well on AS5002T for ex.

So you must first try to understand if macvlan configuration is correct
... verify promisc mode
... verify that network in container is correctly generate and not keep the host network (default)
... ... take care to use ip tools supporting netns command ... A.D.M. have a reduced version ... but I suppose docker have a correct one (or use Entware version)
... verify that I.P. is correctly done by the DHCP server (if you don't use static) and visible (ex use nmap)

... last in a container with macvlan you can suppress a second Ethernet ... if generated by docker (ex. for using host network) and replace it by an veth link between A.D.M. and container, because lot of Ethernet board don't accept loop access from two internal I.P. (A.D.M. and macvlan) ...

THIS is not a solution for the A.D.M. usage of ports ... so calling Asustor is always the best approach.
BUT sure your macvlan configuration is not correct if you continue to access you application using AD.M. I.P. and port ???

Philippe.
AS5002T / AS202TE / AS1002T
My Blog specific to my APKG : https://blog.father-mande.ovh/
User avatar
father.mande
 
Posts: 1023
Joined: Sat Sep 12, 2015 2:55 am

Return to Feature Requests

  • You cannot post new topics in this forum
    You cannot reply to topics in this forum
    You cannot edit your posts in this forum
    You cannot delete your posts in this forum
    You cannot post attachments in this forum
  • Who is online

    Users browsing this forum: No registered users and 2 guests