ejabberd - Comments for "mod_proxy65 shortcoming" https://www.ejabberd.im/node/3365 en Comments recovered https://www.ejabberd.im/node/3365#comment-56868 <p>The spam detector marked two of your comments. I've recovered them now.</p> Sat, 11 Dec 2010 00:29:04 +0000 mfoss comment 56868 at https://www.ejabberd.im Right, then not ... https://www.ejabberd.im/node/3365#comment-56867 <p>I wrote two contructive posts in an attempt to help you, the first more than 20 hours ago and both of them probably ended up in some mechanism that is supposed to thwart unsolicited commenters, just because I made the mistake of editing them after posting. Oh well, sorry but this way I'll simply refrain from posting anything further here. Besides, the website keeps warning me of the use of the strtotime PHP function ...</p> Fri, 10 Dec 2010 22:52:10 +0000 viðarr comment 56867 at https://www.ejabberd.im Just to let you know. https://www.ejabberd.im/node/3365#comment-56866 <p>An upgrade of ejabberd indeed solved the problem. I had to replace the host with another distro that has more recent packages, but on the other hand this is the only service that will run on this box.</p> <p>NB: there was another post that has to be approved by the admins, apparently. Let's hope they'll do so ... it contained some details concerning your particular questions (besides the hostname issue).</p> Fri, 10 Dec 2010 05:34:20 +0000 viðarr comment 56866 at https://www.ejabberd.im what ejabberd version are you using? https://www.ejabberd.im/node/3365#comment-56865 <div class="quote-msg"> <div class="quote-author"><em>roughnecks</em> wrote:</div> <p>But i cannot bind to a public ip, 'cause i'm behind a natting router: is there any trick that could let me use the proxy ?</p></div> <p>DSL router or Linux router? Basically with iptables/netfilter you could use DNAT to forward it from the routers external interface to the internal host (and even change the port number, if needed). Relevant ports are 5222, 5223, 5269, 7777 and if you dare exposing the web interface: 5280. In addition to that you'll have to allow it to forward to the internal host. Last but not least your kernel needs to know that you want to allow IPv4 forwarding (use sysctl).</p> <p>For the ports to which the clients connect, it would look like this</p> <pre>sudo iptables -t nat -I PREROUTING -i extif -p tcp --dport 5222:5223 -j DNAT --to-destination 192.168.x.y sudo iptables -I FORWARD -p tcp -d 192.168.x.y --dport 5222:5223 -j ACCEPT</pre><p> 192.168.x.y is the internal hosts IP.<br /> extif is the external interface of the router.</p> <div class="quote-msg"> <div class="quote-author"><em>roughnecks</em> wrote:</div> <p>I tried bindind (in proxy_mod conf) to 0,0,0,0 and to private address (192.168.x.x) with no luck</p></div> <p>Try setting "hostname" (not "host", which is the logical node name within XMPP) to the external(!) IP of your router. I think in my case the version is too old (it's the one shipping with Debian), so I'm going to attempt an upgrade to 2.1.5.</p> <p>NB: the docs say you should avoid using the host name in the "hostname" field and use the IP preferably.</p> Fri, 10 Dec 2010 00:12:31 +0000 viðarr comment 56865 at https://www.ejabberd.im Same problem here https://www.ejabberd.im/node/3365#comment-56864 <p>Check out the docs: <noindex><a href="http://www.process-one.net/en/ejabberd/guide_en#modproxy" title="http://www.process-one.net/en/ejabberd/guide_en#modproxy" rel="nofollow" >http://www.process-one.net/en/ejabberd/guide_en#modproxy</a></noindex></p> <p>"{hostname, HostName}<br /> Defines a hostname advertised by the service when establishing a session with clients. This is useful when you run the service behind a NAT. The default is the value of ip option. Examples: "proxy.mydomain.org", "200.150.100.50". Note that not all clients understand domain names in stream negotiation, so you should think twice before setting domain name in this option."</p> <p>This suggests that it is the solution to our problem, but it does not work on my side.</p> <p>Version string is: "2.0.0" ... now I don't know whether *that's* the problem. It's fairly old, I think.</p> Thu, 09 Dec 2010 23:49:49 +0000 viðarr comment 56864 at https://www.ejabberd.im same problem here https://www.ejabberd.im/node/3365#comment-55593 <p>I'm behind a dyndns with wildcards option set...so my proxy.domain.dyndns.org should be ok resolving to my ip.</p> <p>But i cannot bind to a public ip, 'cause i'm behind a natting router: is there any trick that could let me use the proxy ?</p> <p>P.S.<br /> I tried bindind (in proxy_mod conf) to 0,0,0,0 and to private address (192.168.x.x) with no luck</p> <p>Thank You</p> Sun, 18 Apr 2010 19:35:52 +0000 roughnecks comment 55593 at https://www.ejabberd.im