SSH can do just that, example:
ssh -L 8080:localhost:8080 user@host
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
SSH can do just that, example:
ssh -L 8080:localhost:8080 user@host
You can also automate this with autossh which is designed for exactly this kind of persistent tunnel. Although a simple "while" loop might seem like the intuitive way to keep it running, autossh is very reliable and takes care of all the corner cases for you.
Check out tailscale
You would configure your pi to be a subnet router it should be stupid easy to get going.
Something ive noticed from using wireguard from my phone is my traffic across the board slows down significantly while connected because everything is routed back home.
With tailscale can the user be connected, and only have a specific ip/domain routed through it? I also dont have access to the dvr's internal system to run tailscale from it.
Anyway thanks for the lead, im reading up now
Something ive noticed from using wireguard from my phone is my traffic across the board slows down significantly while connected because everything is routed back home.
This is a config issue, you have your VPN set as the default gateway instead of just for the specific subnet of your home network.
By default tailscale will not be a default gateway or subnet router, it will only give access between 2 devices with tailscale installed.
Yea, gotta turn off using an Exit Node that's on that network.
Also, sometimes Tailscale's Magic DNS seems to override other name resolution and will route over Tailscale instead if another network (eg LAN). You can avoid this by using IP addresses instead of DNS if you have issues.
For example, when I'm home and try to RDP to my server, sometimes TS DNS resolves the name and routes over TS, although it's on the same LAN. If I RDP via the IP address of my server, it's noticeably faster. If I turn off Tailscale, it's faster, even using DNS, because then it resolves to the local, not TS, address.
So basically, if I disable/re-enable TS on my laptop, DNS works fine. Think it's just a bug.
Oh that makes sense because when i originally set it up, i did want all traffic routed through it. I guess i didnt realize it didnt have to be
There's a similar software called zerotier that only routes traffic you want across. You select an IP range (for instance 10.144..) and it gives your computer a new address. For my main computer let's say it's 10.144.168.128. The only traffic routed over the vpn is traffic addressed to that address. You can append the port to web traffic like https://10.144.168.128:8010/zm/index.php (zoneminder used as an example) and it would use the vpn for that connection but nothing else.
You can set what traffic goes across wireguard, either all of it, or only what is intended for the IP you are needing to connect to.
Someone recommended ssh, which is good, but it can't do udp connections.
https://github.com/anderspitman/awesome-tunneling
From this list, I selected rathole since they claimed to be more performant than frp, the most popular solution.
Edit: just looked at your link. I think for the time being im going to use tailscale. Its a restaraunt, and they dont have a self-hosted server. Im trying to get around opening ports, so using an existing service. Your link did make me aware of cloudflare tunnels whick looks like it allows 50 users on a free plan vs tailscale's 3. Although the 3 might work for them, I'll have to check. Ill probably drop in an ngrok tunnel too so i can maintenence the pi remotely. (They are in a different state) i was mostly looking for advice on how to connect a port on one machine to another over a lan, and socat looks perfect
Actually, i found socat which seems to work just fine so far, and appears to be a standard linux command.
socat TCP4-LISTEN:8096 TCP4:192.168.86.2:8096
Thats a test i did with jellyfin at home
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
Fewer Letters | More Letters |
---|---|
DNS | Domain Name Service/System |
IP | Internet Protocol |
SSH | Secure Shell for remote terminal access |
VPN | Virtual Private Network |
[Thread #500 for this sub, first seen 9th Feb 2024, 22:55] [FAQ] [Full list] [Contact] [Source code]