Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
tree: 62e256edc8
Fetching contributors…

Cannot retrieve contributors at this time

31 lines (21 sloc) 1.247 kb
ipfavela is a tiny node.js script to manage port forwarding. Our use for
it is as a poor man's alternative to iptables.
In the age of cheap virtualized Linux boxes, not everyone has a full Xen
slice to work with, and plenty of other solutions don't allow you to
properly manage your VPS networking. This includes not being able to use
"iptables" and "ifconfig".
To protect your not-so-battle-proven daemons, a simple solution is to only
let them bind to the local interface (lo, or '127.0.0.1') and then proxy
that service by forwarding the port to the external interface. In the
process, filter out any unknown remote IPs. This allows you some degree
of security when building distributed clusters on top of very cheap VPSs.
To deploy, simply copy the script to your problematic VPS and customize
the "forwarder" calls at the bottom:
forwarder(27017, '66.66.66.66', 27017, '127.0.0.1', ['66.66.66.67'])
The example above will forward port 27017 (MongoDB anyone?) from the local
interface to a wan interface, but only allow connections from a specific
IP ('66.66.66.67'). You can add multiple forwarder calls to proxy more
ports.
Copyright 2010 John D. Rowell <me@jdrowell.com>
Copyright 2010 EYB Serviços de Internet
License: MIT
Jump to Line
Something went wrong with that request. Please try again.