Giter Site home page Giter Site logo

natter's Introduction

Natter (v2)

Expose your port behind full-cone NAT to the Internet.

中文文档

Quick start

python3 natter.py

Or, using Docker:

docker run --net=host nattertool/natter
2023-11-01 01:00:08 [I] Natter
2023-11-01 01:00:08 [I] Tips: Use `--help` to see help messages
2023-11-01 01:00:12 [I]
2023-11-01 01:00:12 [I] tcp://192.168.1.100:13483 <--Natter--> tcp://203.0.113.10:14500
2023-11-01 01:00:12 [I]
2023-11-01 01:00:12 [I] Test mode in on.
2023-11-01 01:00:12 [I] Please check [ http://203.0.113.10:14500 ]
2023-11-01 01:00:12 [I]
2023-11-01 01:00:12 [I] LAN > 192.168.1.100:13483   [ OPEN ]
2023-11-01 01:00:12 [I] LAN > 192.168.1.100:13483   [ OPEN ]
2023-11-01 01:00:12 [I] LAN > 203.0.113.10:14500    [ OPEN ]
2023-11-01 01:00:13 [I] WAN > 203.0.113.10:14500    [ OPEN ]
2023-11-01 01:00:13 [I]

In the example above, 203.0.113.10 is your public IP address outside the full-cone NAT. Natter opened TCP port 203.0.113.10:14500 for testing.

Visit http://203.0.113.10:14500 outside your LAN, you will see the web page:

It works!

--------
Natter

Usage

usage: natter.py [--version] [--help] [-v] [-q] [-u] [-U] [-k <interval>]
                 [-s <address>] [-h <address>] [-e <path>] [-i <interface>]
                 [-b <port>] [-m <method>] [-t <address>] [-p <port>] [-r]

Expose your port behind full-cone NAT to the Internet.

options:
  --version, -V   show the version of Natter and exit
  --help          show this help message and exit
  -v              verbose mode, printing debug messages
  -q              exit when mapped address is changed
  -u              UDP mode
  -U              enable UPnP/IGD discovery
  -k <interval>   seconds between each keep-alive
  -s <address>    hostname or address to STUN server
  -h <address>    hostname or address to keep-alive server
  -e <path>       script path for notifying mapped address

bind options:
  -i <interface>  network interface name or IP to bind
  -b <port>       port number to bind

forward options:
  -m <method>     forward method, common values are 'iptables', 'nftables',
                  'socat', 'gost' and 'socket'
  -t <address>    IP address of forward target
  -p <port>       port number of forward target
  -r              keep retrying until the port of forward target is open

Usage for Docker

Read natter-docker for details.

Use cases

Expose local port 80 to the Internet, using built-in forward method:

python3 natter.py -p 80

Expose local port 80 to the Internet, using iptables kernel forward method (requires root permission):

sudo python3 natter.py -m iptables -p 80

Dependencies

  • Python 2.7 (minimum), >= 3.6 (recommended)
  • No third-party modules are required.

License

GNU General Public License v3.0

natter's People

Contributors

abgelehnt avatar csterkuroi avatar hyy2001x avatar mikewang000000 avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

fbion ron159 tanyewei masterofstar ngloom rankaiyx zhangshanbeng yanguoqing123 xiaonian233 peaceanddemocracy mtoly muink wuxiaoxrj vpn-v2ray iamydp welcomefrank ultranijia defu9 poluzhao prodigyu aldington-david ilay-park pitgao crazyforks imzcc github-account-2023 visense primal-fear-1996 yyqhoro developer-wlj licsber xiaohaidao buddy4wu ordinaryjoys garibel-lee ironicone jcxq520 rainly wooley xiaolei0125 yanwuguangjun mfwt moeray hainanss overkazaf hab503 hjklove baishu12 wangx2 blueberry-pie-11 hnqx yanhua0518 somria ycj1379 fbtjxc shnulaa huangjiaju xbins7210 againstthelight roczzz gdfsnhsw yhvhnl zhnathaniellee yywangvr wydy zutianrun shapaozidex zhucaidan float12451 chuanatcd nyx1197 liuzg78 dkstar11q rebecca554owen csterkuroi 940842546 cxy-magong severidelo gankyun dyhkwong canronglan showmelater bestruirui tdexxx go1em hyy2001x unwenliu wb1t fwt11 pythonzz signingup bsyt1101 yfblock danielnaor turbolento optimodzhu zjj3555 yizhitangtongxue toplz yangxiao2023

natter's Issues

Not enough STUN servers available. 

Natter git:(v0.9) python natter.py --check-nat
[INFO] - Getting STUN server IP...
[INFO] - NAT Type for UDP: [ Full cone (NAT 1) ]
[INFO] - Checking NAT Type for TCP...
Traceback (most recent call last):
  File "natter.py", line 969, in <module>
    main()
  File "natter.py", line 944, in main
    print_nat(src_host, src_port)
  File "natter.py", line 883, in print_nat
    if stun_client.is_tcp_cone():
  File "natter.py", line 401, in is_tcp_cone
    raise Exception("Not enough STUN servers available.")
Exception: Not enough STUN servers available.

docker版本使用 -m iptables好像有权限问题

运行的命令是:docker run -d -v /root/jiaoben:/opt2 --restart=always --net=host --name natter_qb nattertool/natter -m iptables -k 5 -e /opt2/qb.sh

错误如下:
2024-01-30 16:32:53 [I] Natter v2.0.0-rc1
iptables v1.8.9 (legacy): can't initialize iptables table nat': Permission denied (you must be root) Perhaps iptables or your kernel needs to be upgraded. OSError: iptables >= (1, 4, 1) not available 2024-01-30 16:32:53 [I] Natter v2.0.0-rc1 iptables v1.8.9 (legacy): can't initialize iptables table nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
OSError: iptables >= (1, 4, 1) not available
2024-01-30 16:32:53 [I] Natter v2.0.0-rc1
iptables v1.8.9 (legacy): can't initialize iptables table nat': Permission denied (you must be root) Perhaps iptables or your kernel needs to be upgraded. OSError: iptables >= (1, 4, 1) not available 2024-01-30 16:32:54 [I] Natter v2.0.0-rc1 iptables v1.8.9 (legacy): can't initialize iptables table nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
OSError: iptables >= (1, 4, 1) not available
2024-01-30 16:32:55 [I] Natter v2.0.0-rc1
iptables v1.8.9 (legacy): can't initialize iptables table nat': Permission denied (you must be root) Perhaps iptables or your kernel needs to be upgraded. OSError: iptables >= (1, 4, 1) not available 2024-01-30 16:32:57 [I] Natter v2.0.0-rc1 iptables v1.8.9 (legacy): can't initialize iptables table nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
OSError: iptables >= (1, 4, 1) not available

打洞失败

2024-01-01 19:56:33 [I]
2024-01-01 19:56:33 [I] Test mode in on.
2024-01-01 19:56:33 [I] Please check [ http://125.76.180.248:17700 ]
2024-01-01 19:56:33 [I]
2024-01-01 19:56:33 [I] LAN > 192.168.1.3:64925 [ OPEN ]
2024-01-01 19:56:33 [I] LAN > 192.168.1.3:64925 [ OPEN ]
2024-01-01 19:56:34 [I] LAN > 125.76.180.248:17700 [ CLOSED ]
2024-01-01 19:56:42 [I] WAN > 125.76.180.248:17700 [ CLOSED ]
2024-01-01 19:56:42 [W] !! Hole punching failed !!
2024-01-01 19:56:42 [I]

本身是公网IP的情况下不能玩吗?

本身有公网的,通过ikuai拨号的
TCP hole punching seems to fail. Maybe you are behind a firewall. However, you may check this address from another network: ('113.67.177.29', 6789)

[Feature Request]多IP出口选择

在一个具有多IP的设备上可能不同的src_addr走的是不同的线路,例如我这里情况:

root@HomePi:~# curl myip.ipip.net --interface 192.168.88.12
当前 IP:120.235.232.xx  来自于:** 广东 广州  移动
root@HomePi:~# curl myip.ipip.net --interface eth0
当前 IP:120.235.232.xx  来自于:** 广东 广州  移动
root@HomePi:~# curl myip.ipip.net --interface 192.168.88.13
当前 IP:119.34.xx.xx  来自于:** 广东 广州  珠江宽频
root@HomePi:~# curl myip.ipip.net --interface eth0:1
当前 IP:119.34.xx.xx  来自于:** 广东 广州  珠江宽频

在这种情况下是否可以添加一个例如 --interface 或者 -i 的参数让natter可以在不同的线路上打洞呢?谢谢!

Windows 下 python 通知脚本无法调用

natter.py 第1358行,这里 subprocess.call 直接运行的是 notify_sh,好像在 windows 下无法调用 python 脚本(但是 linux 或者 docker 可以)?
报错 OSError: [WinError 193] %1 不是有效的 Win32 应用程序。

    if   
  notify_sh:
        protocol = "udp" if udp_mode else "tcp"
        inner_ip, inner_port = to_addr if method else natter_addr
        outer_ip, outer_port = outer_addr
        Logger.info("Calling script: %s" % notify_sh)
        subprocess.call([
            os.path.abspath(notify_sh), protocol, str(inner_ip), str(inner_port), str(outer_ip), str(outer_port)
        ], shell=False)

CentOS 下使用 Docker,启动时出现 socket.gaierror

默认的latest版,报错

[root@centos ~]# docker run --net=host nattertool/natter
2024-02-25 07:41:05 [I] Natter v2.0.0-rc2
2024-02-25 07:41:05 [I] Tips: Use `--help` to see help messages
socket.gaierror: [Errno -2] Name or service not known

可以开udp吗

帮助 Full cone NAT (NAT 1) 用户打开公网 UDP 端口。

GOST v3 适配:版本号匹配失败

当前仅支持 GOST v2,GOST v3 版本号匹配失败:

~ # natter.py -m gost -v
2024-01-20 19:04:30 [I] Natter v2.0.0-dev
Traceback (most recent call last):
  File "/usr/bin/natter.py", line 1483, in <module>
    main()
  File "/usr/bin/natter.py", line 1474, in main
    natter_main(show_title)
  File "/usr/bin/natter.py", line 1348, in natter_main
    forwarder = ForwardImpl()
                ^^^^^^^^^^^^^
  File "/usr/bin/natter.py", line 810, in __init__
    raise OSError("gost >= %s not available" % str(self.min_ver))
OSError: gost >= (2, 3) not available
~ # gost -V
gost v3.0.0-nightly.20240118 (go1.21.5 linux/amd64)
~ #

[Windows] 使用 socket 转发,关闭 TCP 连接时出现 WinError 10053

使用 socket 转发,关闭 TCP 连接时出现 WinError 10053。

日志:

2024-01-12 13:38:32 [I] 
2024-01-12 13:39:41 [E] fwd-socket: socket forwarding thread is exiting: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。
2024-01-12 13:39:42 [E] fwd-socket: socket forwarding thread is exiting: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。
2024-01-12 13:39:42 [E] fwd-socket: socket forwarding thread is exiting: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。
2024-01-12 13:40:12 [E] fwd-socket: socket forwarding thread is exiting: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。
2024-01-12 13:40:17 [E] fwd-socket: socket forwarding thread is exiting: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。

ufw阻止natter.py打洞

一开始我的电脑使用的是Win(nt6.3)系统,防火墙正常打开,路由DMZ和UPnP都打开,洞也正常能打,使用--check-nat测试出来是NAT1,正常使用了一段时间。
最近我重装系统,换成更轻量的Ubuntu(Linux6.5.0-17)在迁移服务的时候,发现这个natter怎么测都是NAT3,起初以为是运营商的问题,找装维说是NAT1我也重置了路由器,光猫,最终电脑拨号都以失败告终
在刚刚就想,有没有一种可能,就是防火墙的问题,接着我就把ufw关了,再用--check-nat测试,变成NAT1了
然后现在我不知道应该怎么修改ufw的配置文件。关掉ufw也不行,但是又得使用natter打洞。所以大佬们可否给我指一条路,给点指示

Nginx-Cloudflare示例运行失败

大佬对不起又是我,我尝试部署Nginx-Cloudflare报:Network natteriso_default Error .
cf-redir.py配置:

cf_redirect_to_https    = False^M
cf_redirect_host        = "xxxxxxx.fun"^M
cf_direct_host          = "ip:port"^M
cf_auth_email           = "[email protected]"^M
cf_auth_key             = "*******************"^M

运行报错:

✘ Network natteriso_default  Error                                                                                                                                                                  0.0s 
failed to create network natteriso_default: Error response from daemon: Failed to program FILTER chain: iptables failed: iptables --wait -I FORWARD -o br-882ab910cf0f -j DOCKER: iptables v1.8.4 (legacy): Couldn't load target `DOCKER':No such file or directory

烦请帮忙看看是否又是iptables问题?感谢!

一点小小的建议,仅供作者参考

工具很好用,已给star。谢谢作者写了这么简单好用的打洞工具。
总结了几个点,供作者今后更新时参考。
1,建议支持单程序多端口(范围)打洞
2,建议支持端口/ip存活自检测(如宽带重拨后自动检测变更ip重新打洞)
3,如果能联动server酱一类的通知程序,或者发邮件告知就更好了
4,写成服务,加个luci(x
可能多少有不靠谱的点,望见谅。

内核模式启动失败

大佬好,我用iptables模式启动失败,iptables报错,这是我的报错信息,能否麻烦帮忙看看出了什么问题?谢谢!

docker run --net=host --cap-add=NET_ADMIN --cap-add=NET_RAW nattertool/natter -m iptables -p 2333

2024-03-20 11:26:52 [I] Natter v2.0.0-rc2
Warning: Extension comment revision 0 not supported, missing kernel module?
iptables: No chain/target/match by that name.
subprocess.CalledProcessError: Command '['iptables', '-w', '-t', 'nat', '-I', 'NATTER', '-p', 'tcp', '--dst', '192.168.1.107', '--dport', '45209', '-j', 'DNAT', '--to-destination', '192.168.1.107:2333', '-m', 'comment', '--comment', 'NATTER_UUID=3f9f4c40-0221-43dc-a269-50e0216cb332']' returned non-zero exit status 1.

V2版链接无法保持,多次会断开重新打洞

使用v2版本打通后不到平均不到40秒就会报 [E] keep-alive: connection broken: timed out

回到v0.1分支的Natter则没有该问题

系统: Ubuntu 20.04.6 LTS
Python : 3.8.10
已启用DMZ主机

这是v2的日志

2024-02-14 15:55:27 [I] Natter v2.0.0-rc2
2024-02-14 15:55:27 [D] fwd-iptables: Found iptables (1, 8, 4)
2024-02-14 15:55:27 [D] fwd-iptables: Cleaning up Natter rules
2024-02-14 15:55:27 [D] stun: Got address tcp://1.1.1.1:5824 from tcp://fwa.lifesizecloud.com:3478, source tcp://172.16.0.20:45325
2024-02-14 15:55:27 [D] keep-alive: Connected to host tcp://www.baidu.com:80
2024-02-14 15:55:30 [D] keep-alive: OK
2024-02-14 15:55:31 [D] stun: Got address tcp://1.1.1.1:5824 from tcp://fwa.lifesizecloud.com:3478, source tcp://172.16.0.20:45325
2024-02-14 15:55:31 [D] fwd-iptables: Adding rule tcp://172.16.0.20:45325 forward to tcp://172.16.0.20:30100
2024-02-14 15:55:31 [I]
2024-02-14 15:55:31 [I] tcp://172.16.0.20:30100 <--iptables--> tcp://172.16.0.20:45325 <--Natter--> tcp://1.1.1.1:5824
2024-02-14 15:55:31 [I]
2024-02-14 15:55:31 [I] LAN > 172.16.0.20:30100     [ OPEN ]
2024-02-14 15:55:31 [I] LAN > 172.16.0.20:45325     [ OPEN ]
2024-02-14 15:55:31 [I] LAN > 1.1.1.1:5824    [ OPEN ]
2024-02-14 15:55:32 [D] port-test: ifconfig.co: b'HTTP/1.1 200 OK\r\nDate: Wed, 14 Feb 2024 15:55:32 GMT\r\nContent-Type: application/json\r\nContent-Length: 64\r\nConnection: close\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {"endpoints":[{"url":"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=4%2FucjTUg2mbB9CbhdvcX4Sdz59O7x6rFbQqujfym4R%2FA6o6ibojh27%2FibFt9NAVi0QAaOIT%2B6%2FWXPo7eyeZXVB17MHCfYg8vwXwEwayyRPsi8KCOOfKw7wYHRGkX2w%3D%3D"}],"group":"cf-nel","max_age":604800}\r\nNEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}\r\nServer: cloudflare\r\nCF-RAY: 85567ef38ca4f96f-SJC\r\nalt-svc: h3=":443"; ma=86400\r\n\r\n{\n  "ip": "1.1.1.1",\n  "port": 5824,\n  "reachable": true\n}'
2024-02-14 15:55:32 [I] WAN > 1.1.1.1:5824    [ OPEN ]
2024-02-14 15:55:32 [I]
2024-02-14 15:55:35 [D] keep-alive: OK
2024-02-14 15:55:50 [D] keep-alive: OK
2024-02-14 15:56:05 [E] keep-alive: connection broken: timed out
2024-02-14 15:56:17 [D] Start recheck
2024-02-14 15:56:17 [D] LAN > 1.1.1.1:5824    [ CLOSED ]
2024-02-14 15:56:20 [W] stun: STUN server tcp://fwa.lifesizecloud.com:3478 is unavailable: timed out
2024-02-14 15:56:21 [D] stun: Got address tcp://1.1.1.1:6784 from tcp://stun.isp.net.au:3478, source tcp://172.16.0.20:45325
2024-02-14 15:56:21 [D] fwd-iptables: Cleaning up Natter rules
2024-02-14 15:56:21 [D] fwd-iptables: Found iptables (1, 8, 4)
2024-02-14 15:56:21 [D] fwd-iptables: Cleaning up Natter rules
2024-02-14 15:56:21 [D] stun: Got address tcp://1.1.1.1:4225 from tcp://fwa.lifesizecloud.com:3478, source tcp://172.16.0.20:42379
2024-02-14 15:56:21 [D] keep-alive: Connected to host tcp://www.baidu.com:80
2024-02-14 15:56:24 [D] keep-alive: OK
2024-02-14 15:56:25 [D] stun: Got address tcp://1.1.1.1:4225 from tcp://fwa.lifesizecloud.com:3478, source tcp://172.16.0.20:42379
2024-02-14 15:56:25 [D] fwd-iptables: Adding rule tcp://172.16.0.20:42379 forward to tcp://172.16.0.20:30100
2024-02-14 15:56:25 [I]
2024-02-14 15:56:25 [I] tcp://172.16.0.20:30100 <--iptables--> tcp://172.16.0.20:42379 <--Natter--> tcp://1.1.1.1:4225
2024-02-14 15:56:25 [I]
2024-02-14 15:56:25 [I] LAN > 172.16.0.20:30100     [ OPEN ]
2024-02-14 15:56:25 [I] LAN > 172.16.0.20:42379     [ OPEN ]
2024-02-14 15:56:25 [I] LAN > 1.1.1.1:4225    [ OPEN ]
2024-02-14 15:56:26 [D] port-test: ifconfig.co: b'HTTP/1.1 200 OK\r\nDate: Wed, 14 Feb 2024 15:56:26 GMT\r\nContent-Type: application/json\r\nContent-Length: 64\r\nConnection: close\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {"endpoints":[{"url":"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=J71%2FDWBJN2GEL7GBi21UizuS6n0FTkLmplvW5GPz3IIno%2FseNc2zzRYBq5GxNurb5QrO7HebbeRyQl3z0bDvl1akmkB71NMglge2WmbYvrSdko%2BoIm3ynm80xKmMMw%3D%3D"}],"group":"cf-nel","max_age":604800}\r\nNEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}\r\nServer: cloudflare\r\nCF-RAY: 85568044be7526b0-SJC\r\nalt-svc: h3=":443"; ma=86400\r\n\r\n{\n  "ip": "1.1.1.1",\n  "port": 4225,\n  "reachable": true\n}'
2024-02-14 15:56:26 [I] WAN > 1.1.1.1:4225    [ OPEN ]
2024-02-14 15:56:26 [I]
2024-02-14 15:56:29 [D] keep-alive: OK
2024-02-14 15:56:44 [E] keep-alive: connection broken: timed out
2024-02-14 15:56:56 [D] Start recheck
2024-02-14 15:56:57 [D] LAN > 1.1.1.1:4225    [ CLOSED ]
2024-02-14 15:56:57 [D] stun: Got address tcp://1.1.1.1:7168 from tcp://fwa.lifesizecloud.com:3478, source tcp://172.16.0.20:42379
2024-02-14 15:56:57 [D] fwd-iptables: Cleaning up Natter rules
2024-02-14 15:56:57 [D] fwd-iptables: Found iptables (1, 8, 4)
2024-02-14 15:56:57 [D] fwd-iptables: Cleaning up Natter rules
2024-02-14 15:56:58 [D] stun: Got address tcp://1.1.1.1:7232 from tcp://fwa.lifesizecloud.com:3478, source tcp://172.16.0.20:42629
2024-02-14 15:56:58 [D] keep-alive: Connected to host tcp://www.baidu.com:80
2024-02-14 15:57:01 [D] keep-alive: OK
2024-02-14 15:57:01 [D] stun: Got address tcp://1.1.1.1:7232 from tcp://fwa.lifesizecloud.com:3478, source tcp://172.16.0.20:42629
2024-02-14 15:57:01 [D] fwd-iptables: Adding rule tcp://172.16.0.20:42629 forward to tcp://172.16.0.20:30100
2024-02-14 15:57:01 [I]
2024-02-14 15:57:01 [I] tcp://172.16.0.20:30100 <--iptables--> tcp://172.16.0.20:42629 <--Natter--> tcp://1.1.1.1:7232
2024-02-14 15:57:01 [I]
2024-02-14 15:57:01 [I] LAN > 172.16.0.20:30100     [ OPEN ]
2024-02-14 15:57:01 [I] LAN > 172.16.0.20:42629     [ OPEN ]
2024-02-14 15:57:01 [I] LAN > 1.1.1.1:7232    [ OPEN ]
2024-02-14 15:57:02 [D] port-test: ifconfig.co: b'HTTP/1.1 200 OK\r\nDate: Wed, 14 Feb 2024 15:57:02 GMT\r\nContent-Type: application/json\r\nContent-Length: 64\r\nConnection: close\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {"endpoints":[{"url":"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=%2FvSR1TN6KidI5J%2F%2BwbyWApP%2FVqqs%2BWQe8RKgynSp7BOHQjs%2FBQwTkJZeq8x1Jzx5ebucIgzCsM4prO22fJNFPJzNcIZMlFc8KEoUkt6Y0Rj5Tb8SNsiiOMaebz%2BNtw%3D%3D"}],"group":"cf-nel","max_age":604800}\r\nNEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}\r\nServer: cloudflare\r\nCF-RAY: 85568125ff7e7afd-SJC\r\nalt-svc: h3=":443"; ma=86400\r\n\r\n{\n  "ip": "1.1.1.1",\n  "port": 7232,\n  "reachable": true\n}'
2024-02-14 15:57:02 [I] WAN > 1.1.1.1:7232    [ OPEN ]
2024-02-14 15:57:02 [I]
2024-02-14 15:57:05 [D] keep-alive: OK
2024-02-14 15:57:20 [D] keep-alive: OK
2024-02-14 15:57:35 [E] keep-alive: connection broken: timed out
2024-02-14 15:57:47 [D] Start recheck
2024-02-14 15:57:47 [D] LAN > 1.1.1.1:7232    [ CLOSED ]
2024-02-14 15:57:47 [D] stun: Got address tcp://1.1.1.1:6080 from tcp://fwa.lifesizecloud.com:3478, source tcp://172.16.0.20:42629
2024-02-14 15:57:47 [D] fwd-iptables: Cleaning up Natter rules
2024-02-14 15:57:47 [D] fwd-iptables: Found iptables (1, 8, 4)
2024-02-14 15:57:47 [D] fwd-iptables: Cleaning up Natter rules
2024-02-14 15:57:49 [D] stun: Got address tcp://1.1.1.1:4609 from tcp://fwa.lifesizecloud.com:3478, source tcp://172.16.0.20:43841
2024-02-14 15:57:49 [D] keep-alive: Connected to host tcp://www.baidu.com:80
2024-02-14 15:57:52 [D] keep-alive: OK
2024-02-14 15:57:53 [D] stun: Got address tcp://1.1.1.1:4609 from tcp://fwa.lifesizecloud.com:3478, source tcp://172.16.0.20:43841
2024-02-14 15:57:53 [D] fwd-iptables: Adding rule tcp://172.16.0.20:43841 forward to tcp://172.16.0.20:30100
2024-02-14 15:57:53 [I]
2024-02-14 15:57:53 [I] tcp://172.16.0.20:30100 <--iptables--> tcp://172.16.0.20:43841 <--Natter--> tcp://1.1.1.1:4609
2024-02-14 15:57:53 [I]
2024-02-14 15:57:53 [I] LAN > 172.16.0.20:30100     [ OPEN ]
2024-02-14 15:57:53 [I] LAN > 172.16.0.20:43841     [ OPEN ]
2024-02-14 15:57:53 [I] LAN > 1.1.1.1:4609    [ OPEN ]
2024-02-14 15:57:54 [D] port-test: ifconfig.co: b'HTTP/1.1 200 OK\r\nDate: Wed, 14 Feb 2024 15:57:54 GMT\r\nContent-Type: application/json\r\nContent-Length: 64\r\nConnection: close\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {"endpoints":[{"url":"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=mRoVcbhnRRRJ9LhdarnPIYD7%2BeETCLwFmt7Sh%2Fu%2FKAZw%2FbrbkclI%2BHj1bcvP9gC%2F%2BfdE%2F4VhxuLlzxeCur9eI%2B1pQpZ077S1GLVETZFBAg3kf6%2FL45nj4gsXDhc%2Bcg%3D%3D"}],"group":"cf-nel","max_age":604800}\r\nNEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}\r\nServer: cloudflare\r\nCF-RAY: 8556826d9b682302-SJC\r\nalt-svc: h3=":443"; ma=86400\r\n\r\n{\n  "ip": "1.1.1.1",\n  "port": 4609,\n  "reachable": true\n}'
2024-02-14 15:57:54 [I] WAN > 1.1.1.1:4609    [ OPEN ]
2024-02-14 15:57:54 [I]
2024-02-14 15:57:57 [D] keep-alive: OK
2024-02-14 15:58:12 [D] keep-alive: OK
2024-02-14 15:58:27 [E] keep-alive: connection broken: timed out
2024-02-14 15:58:39 [D] Start recheck
2024-02-14 15:58:39 [D] LAN > 1.1.1.1:4609    [ CLOSED ]
2024-02-14 15:58:40 [D] stun: Got address tcp://1.1.1.1:7939 from tcp://fwa.lifesizecloud.com:3478, source tcp://172.16.0.20:43841
2024-02-14 15:58:40 [D] fwd-iptables: Cleaning up Natter rules
2024-02-14 15:58:40 [D] fwd-iptables: Found iptables (1, 8, 4)
2024-02-14 15:58:40 [D] fwd-iptables: Cleaning up Natter rules
2024-02-14 15:58:42 [D] stun: Got address tcp://1.1.1.1:5313 from tcp://fwa.lifesizecloud.com:3478, source tcp://172.16.0.20:38189
2024-02-14 15:58:42 [D] keep-alive: Connected to host tcp://www.baidu.com:80
2024-02-14 15:58:45 [D] keep-alive: OK
2024-02-14 15:58:47 [D] stun: Got address tcp://1.1.1.1:5313 from tcp://fwa.lifesizecloud.com:3478, source tcp://172.16.0.20:38189
2024-02-14 15:58:47 [D] fwd-iptables: Adding rule tcp://172.16.0.20:38189 forward to tcp://172.16.0.20:30100
2024-02-14 15:58:47 [I]
2024-02-14 15:58:47 [I] tcp://172.16.0.20:30100 <--iptables--> tcp://172.16.0.20:38189 <--Natter--> tcp://1.1.1.1:5313
2024-02-14 15:58:47 [I]
2024-02-14 15:58:47 [I] LAN > 172.16.0.20:30100     [ OPEN ]
2024-02-14 15:58:47 [I] LAN > 172.16.0.20:38189     [ OPEN ]
2024-02-14 15:58:47 [I] LAN > 1.1.1.1:5313    [ OPEN ]
2024-02-14 15:58:47 [D] port-test: ifconfig.co: b'HTTP/1.1 200 OK\r\nDate: Wed, 14 Feb 2024 15:58:47 GMT\r\nContent-Type: application/json\r\nContent-Length: 64\r\nConnection: close\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {"endpoints":[{"url":"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=8tlQoA%2BslDHRI2RaZdh9zfqo1rfrfbXLlIyOAEdIzzi9Apd3NrRwQva9QQd%2FjN14aN%2FrxqG21nJKLUEKp6PHm6TiK8fC7p6w0AD7VhM4GYlxTA%2FgIvh8a9vWdhsyxw%3D%3D"}],"group":"cf-nel","max_age":604800}\r\nNEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}\r\nServer: cloudflare\r\nCF-RAY: 855683ba7d0767bf-SJC\r\nalt-svc: h3=":443"; ma=86400\r\n\r\n{\n  "ip": "1.1.1.1",\n  "port": 5313,\n  "reachable": true\n}'
2024-02-14 15:58:47 [I] WAN > 1.1.1.1:5313    [ OPEN ]
2024-02-14 15:58:47 [I]
2024-02-14 15:58:51 [D] keep-alive: OK
2024-02-14 15:59:05 [E] keep-alive: connection broken: timed out
2024-02-14 15:59:11 [D] fwd-iptables: Cleaning up Natter rules

这是v0.1的日志

[INFO] - Getting STUN server IP...
[DEBUG] - Resolving hostname [fwa.lifesizecloud.com]...
[DEBUG] - Resolving hostname [stun.isp.net.au]...
[DEBUG] - Resolving hostname [stun.freeswitch.org]...
[DEBUG] - Resolving hostname [stun.voip.blackberry.com]...
[DEBUG] - Resolving hostname [stun.nextcloud.com]...
[DEBUG] - Resolving hostname [stun.stunprotocol.org]...
[DEBUG] - Resolving hostname [stun.sipnet.com]...
[DEBUG] - Resolving hostname [stun.radiojar.com]...
[DEBUG] - Resolving hostname [stun.sonetel.com]...
[DEBUG] - Resolving hostname [stun.voipgate.com]...
[DEBUG] - Resolving hostname [stun.miwifi.com]...
[DEBUG] - Resolving hostname [stun.qq.com]...
[INFO] - Checking NAT Type for UDP...
[DEBUG] - Trying UDP STUN: 111.206.174.3 (change ip:0/port:0)
[DEBUG] - (UDP) ('111.206.174.3', 3478) says: ('1.1.1.1', 4871)
[DEBUG] - Trying UDP STUN: 111.206.174.2 (change ip:0/port:0)
[DEBUG] - (UDP) ('111.206.174.2', 3478) says: ('1.1.1.1', 4871)
[DEBUG] - Trying UDP STUN: 111.206.174.2 (change ip:1/port:1)
[DEBUG] - (UDP) ('111.206.174.3', 3479) says: ('1.1.1.1', 4871)
[DEBUG] - Trying UDP STUN: 111.206.174.2 (change ip:0/port:1)
[DEBUG] - (UDP) ('111.206.174.2', 3479) says: ('1.1.1.1', 4871)
[INFO] - NAT Type for UDP: [ Full cone (NAT 1) ]
[INFO] - Checking NAT Type for TCP...
[DEBUG] - Trying TCP STUN: 44.213.90.220
[DEBUG] - (TCP) 44.213.90.220 says: ('1.1.1.1', 6592)
[DEBUG] - Trying TCP STUN: 34.247.13.64
[DEBUG] - (TCP) 34.247.13.64 says: ('1.1.1.1', 6592)
[DEBUG] - Trying TCP STUN: 18.138.232.145
[DEBUG] - (TCP) 18.138.232.145 says: ('1.1.1.1', 6592)
[INFO] - NAT Type for TCP: [ Cone NAT ]
[INFO] - Start punching...
[DEBUG] - Trying TCP STUN: 44.213.90.220
[DEBUG] - (TCP) 44.213.90.220 says: ('1.1.1.1', 6145)
[INFO] - The TCP hole punching appears to be successful. Please test this address from another network: ('1.1.1.1', 6145)

================================
    ('1.1.1.1', 6145)
================================

[INFO] - TCP keep-alive...
[DEBUG] - [Wed Feb 14 15:45:07 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:45:17 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:45:27 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:45:37 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:45:47 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:45:57 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:46:07 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:46:17 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:46:27 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:46:37 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:46:47 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:46:57 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:47:07 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:47:17 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:47:27 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:47:37 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:47:47 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:47:57 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:48:07 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:48:18 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:48:28 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:48:38 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:48:48 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:48:58 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:49:08 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:49:18 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:49:28 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:49:38 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:49:48 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:49:58 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:50:08 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:50:18 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:50:28 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:50:38 2024] Keep-Alive OK!
[DEBUG] - [Wed Feb 14 15:50:48 2024] Keep-Alive OK!

ipv6可以打洞吗

ipv4 only vps通过wgcf连接cloudflare warp
但只是获得了访问ipv6网络的功能
并没有获得一个别人可以访问我的ipv6功能?

OpenWrt是旁路由如何配置防火墙规则打洞

我脚本运行在OpenWrt上的,主路由是iKuai,OpenWrt是旁路由;
在关闭OpenWrt的防火墙后,是能成功运行的;

不关闭防火墙:
NAT Type for UDP: [ Full cone (NAT 1) ]
NAT Type for TCP: [ Symmetric ]

但是关闭了防火墙后就无法访问外网了,不知道大佬知不知道如何配置这个防火墙规则。

Python 3.4 下出现报错:unsupported operand type(s) for %: 'bytes' and 'tuple'

  • 影响:
    Python 3.0 - 3.4(Python 2.7,Python >= 3.5 不受影响)

  • 日志:

    2024-01-21 03:17:10 [I] Natter v2.0.0-dev
2024-01-21 03:17:10 [I] Tips: Use `--help` to see help messages
2024-01-21 03:17:16 [I]
2024-01-21 03:17:16 [I] tcp://192.168.1.100:13483 <--Natter--> tcp://203.0.113.10:14500
2024-01-21 03:17:16 [I]
2024-01-21 03:17:16 [I] Test mode in on.
2024-01-21 03:17:16 [I] Please check [ http://203.0.113.10:14500 ]
2024-01-21 03:17:16 [I]
2024-01-21 03:17:16 [I] LAN > 192.168.1.100:13483    [ OPEN ]
Exception in thread Thread-1:
Traceback (most recent call last):
TypeError: unsupported operand type(s) for %: 'bytes' and 'tuple'

端口转发的奇怪问题

使用本人惯用的socat做端口转发的时候报错,日志如下

root@NEWIFI3(d-team_newifi-d2):/overlay/opt# python natter.py -t 2081
[INFO] - Getting STUN server IP...
Traceback (most recent call last):
  File "/overlay/opt/natter.py", line 583, in <module>
    main()
  File "/overlay/opt/natter.py", line 574, in main
    natter = Natter(src_host, src_port, test_http=test_http, log_level=log_level)
  File "/overlay/opt/natter.py", line 427, in __init__
    self.keep_alive_sock = self._init_keep_alive_sock()
  File "/overlay/opt/natter.py", line 436, in _init_keep_alive_sock
    s.bind((self.source_ip, self.source_port))
OSError: [Errno 125] Address in use

使用防火墙下的端口转发则没有这个问题。

是因为这两者的工作原理不同么?

(另外大佬有考虑写个openwrt的luci插件么?)

测试 win10 远程也可以,一些建议

1.设置 dmz 主机
2.先关闭远程,否则开 natter 会失败
3运行 python.exe .\natter.py 127.0.0.1 3389
4.开启远程,就可以用 natter 返回的 ip 端口远程了

可否做到不用关闭,直接运行

现在直接运行提示错误 [WinError 10013] 以一种访问权限不允许的方式做了一个访问套接字的尝试。

经过多次测试,建议 forward_port 里可以定义监听端口,那么主路由不用开dmz ,只要做这个端口的映射就可以了

例如 主机A ip 192.168.1.8
远程端口 192.168.1.8

"forward_port": {
"tcp": [
"192.168.1.8:3389"
],"udp": [
]
}
我临时改了 get_free_port 里面 sock.bind(("", 0)) 成 sock.bind(("", 8002))
那么路由器里做好 8002 端口映射就可以了,不用开 dmz
建议这个 8002 可以在 forward_port 里自定义,这样子就灵活了

v0.9版本报错

系统:win server 2012 r2 64位
python:3.1.1.4
已启用DMZ主机

日志如下

[INFO] - Getting STUN server IP...
[DEBUG] - Resolving hostname [fwa.lifesizecloud.com]...
[DEBUG] - Resolving hostname [stun.isp.net.au]...
[DEBUG] - Resolving hostname [stun.freeswitch.org]...
[DEBUG] - Resolving hostname [stun.voip.blackberry.com]...
[DEBUG] - Resolving hostname [stun.nextcloud.com]...
[DEBUG] - Resolving hostname [stun.stunprotocol.org]...
[DEBUG] - Resolving hostname [stun.sipnet.com]...
[DEBUG] - Resolving hostname [stun.radiojar.com]...
[DEBUG] - Resolving hostname [stun.sonetel.com]...
[DEBUG] - Resolving hostname [stun.voipgate.com]...
[DEBUG] - Resolving hostname [stun.miwifi.com]...
[DEBUG] - Resolving hostname [stun.qq.com]...
[DEBUG] - [Mon Aug 21 14:09:56 2023] Keep-Alive OK!
[DEBUG] - [Mon Aug 21 14:09:56 2023] Keep-Alive OK!
[DEBUG] - [Mon Aug 21 14:09:56 2023] Keep-Alive OK!
[DEBUG] - [Mon Aug 21 14:09:56 2023] Keep-Alive OK!
[DEBUG] - Trying TCP STUN: 52.221.199.123
[DEBUG] - (TCP) 52.221.199.123 says: ('120.230.61.243', 1200)
[INFO] - >>> [TCP] ('192.168.123.105', 3456) -> ('120.230.61.243', 1200) <<<
[DEBUG] - [Mon Aug 21 14:09:56 2023] Keep-Alive OK!
[DEBUG] - Trying UDP STUN: 111.206.174.2 (change ip:0/port:0)
[DEBUG] - (UDP) ('111.206.174.2', 3478) says: ('120.230.61.243', 1201)
[INFO] - >>> [UDP] ('0.0.0.0', 3456) -> ('120.230.61.243', 1201) <<<
[DEBUG] - [Mon Aug 21 14:09:56 2023] Keep-Alive OK!
[DEBUG] - Trying TCP STUN: 52.221.199.123
[DEBUG] - (TCP) 52.221.199.123 says: ('120.230.61.243', 1036)
[INFO] - >>> [TCP] ('127.0.0.1', 80) -> ('120.230.61.243', 1036) <<<
[DEBUG] - [Mon Aug 21 14:09:56 2023] Keep-Alive OK!
Traceback (most recent call last):
  File "C:\Program Files\upnp打洞\natter.py", line 969, in <module>
    main()
  File "C:\Program Files\upnp打洞\natter.py", line 960, in main
    natter.run()
  File "C:\Program Files\upnp打洞\natter.py", line 794, in run
    self._update_status(nr)
  File "C:\Program Files\upnp打洞\natter.py", line 763, in _update_status
    mapping = nr.get_mapping()
              ^^^^^^^^^^^^^^^^
  File "C:\Program Files\upnp打洞\natter.py", line 683, in get_mapping
    self.stop_forward()
  File "C:\Program Files\upnp打洞\natter.py", line 700, in stop_forward
    self.forwarder.stop()
  File "C:\Program Files\upnp打洞\natter.py", line 575, in stop
    sock.sendto(b"", self.listen_addr)
OSError: [WinError 10049] 在其上下文中,该请求的地址无效。

配置文件为

{
    "logging": {
        "level": "debug",
        "log_file": ""
    },
    "status_report": {
        "hook": "",
        "status_file": ""
    },
    "open_port": {
        "tcp": [
            "0.0.0.0:3456"
        ],
        "udp": [
            "0.0.0.0:3456"
        ]
    },
    "forward_port": {
        "tcp": [
            "127.0.0.1:80"
        ],
        "udp": [
            "127.0.0.1:53"
        ]
    },
    "stun_server": {
        "tcp": [
            "fwa.lifesizecloud.com",
            "stun.isp.net.au",
            "stun.freeswitch.org",
            "stun.voip.blackberry.com",
            "stun.nextcloud.com",
            "stun.stunprotocol.org",
            "stun.sipnet.com",
            "stun.radiojar.com",
            "stun.sonetel.com",
            "stun.voipgate.com"
        ],
        "udp": [
            "stun.miwifi.com",
            "stun.qq.com"
        ]
    },
    "keep_alive": "www.qq.com"
}

【群晖】iptables报错,不认识 -m comment --comment NATTER_UUID=44dd0b25-3284-4d10-b9a2-001aff022804

/opt # python3 natter.py -m iptables -t 192.168.2.4 -p 80
2024-02-19 06:57:34 [I] Natter v2.0.0-rc2
iptables: No chain/target/match by that name.
subprocess.CalledProcessError: Command '['iptables', '-t', 'nat', '-I', 'NATTER', '-p', 'tcp', '--dst', '100.73.4.216', '--dport', '43588', '-j', 'DNAT', '--to-destination', '192.168.2.4:80', '-m', 'comment', '--comment', 'NATTER_UUID=44dd0b25-3284-4d10-b9a2-001aff022804']' returned non-zero exit status 1.

用的是,目前手动下发规则可用,
iptables -t nat -I NATTER -p tcp --dst 100.73.4.216 --dport 43588 -j DNAT --to-destination 192.168.2.4:80

/opt # iptables --version
iptables v1.4.13

大佬有啥办法不,我直接把源码中的-m命令删除行不?

使用UDP协议遇到问题

Discussed in #78

Originally posted by zaiqixiao April 9, 2024
QQ截图20240411231555
QQ截图20240411231635
QQ截图20240411231720
QQ截图20240411231737
TCP正常,但是UDP会卡在这里,请问要如何解决

有没有办法固定外网的打洞端口

你好,我主要要解决没有IPV4公网IP,通过外网访问私有NAS。目前已部署成功,我是个小白,有两个问题请大佬帮看看能否解决。
1、NAS固定每天关机5小时,重启主机后,是否需要重新运行Natter?
2、每次打洞端口都会变,导致每次端口失效后需要进系统看端口情况,是否能将端口固定住,不用每次修改访问端口。
感谢大神指导。
顺便求助下问题,目前我也可以通过V6公网地址+域名转换访问主机。但会出现偶尔,APP访问不成功(网页访问一切正常)情况。之前以为是解析的问题,咨询了域名提供商,反馈解析没有问题。不知道大佬是否能指导下。感谢。

关于Nginx-Cloudflare配置参数求解

对文档中“跳转域名”和“直连域名”的定义以及cloudflare归属有点疑问:

  1. cf_redirect_host 是否就是我cloudflare内的域名?
  2. cf_direct_host 是否就是我本机局域网IP+端口?
  3. 我的域名归属于万网,DNS解析挂的Cloudflare,是否可以直接使用?还是需要把域名归属转移到Cloudflare?(好贵...)

谢谢

windows10使用的时候报错

C:\Users\admin\Desktop>python natter.py -t 3389
[INFO] - Getting STUN server IP...
Traceback (most recent call last):
File "C:\Users\admin\Desktop\natter.py", line 583, in
main()
File "C:\Users\admin\Desktop\natter.py", line 574, in main
natter = Natter(src_host, src_port, test_http=test_http, log_level=log_level)
File "C:\Users\admin\Desktop\natter.py", line 427, in init
self.keep_alive_sock = self._init_keep_alive_sock()
File "C:\Users\admin\Desktop\natter.py", line 436, in _init_keep_alive_sock
s.bind((self.source_ip, self.source_port))
OSError: [WinError 10013] 以一种访问权限不允许的方式做了一个访问套接字的尝试。

C:\Users\admin\Desktop>

一个结合nginx使用的设想,希望能探讨一下是否能实现

如果能实现的话我试试能不能自己去研究搭建一下。

从v0.9.0的特性介绍来看,似乎外网IP及端口发生变动(例如运营商重启网关)后,natter是可以得知并且进行更新的,并且留下了hook脚本。
而nginx可以在使用不同域名访问时,跳转到指定的ip+端口,而配合lua-module,是可以实现动态修改配置文件中域名跳转目标的。
那么能不能在natter发生了IP地址更新时,通知某一台公网服务器的nginx进行配置文件的修改,并且重启nginx,实现直接通过指定不同二级域名,访问不同服务的目的(这样就不用关心IP端口发生变化了,因为nginx自己会去修改跳转到新的目标)

网页提供的服务进行跳转肯定是没有问题的,例如webdav、nextcloud、jellyfin一类的。
但例如微软远程桌面这种客户端里面,填入二级域名,可以完成跳转吗?或者是mc填写目标服务器一类的

如果运营商的IP变了有办法自动更新吗?

我已经设置了DDNS,域名也可以更新,如果我运行脚本后,除非我自己结束,否则他会一直运行下去

但是运营商的IP是会变化的,每一次变化我都要自己重新运行一下脚本,有没有办法实现自动更新IP以及端口并且推送呢?

关于运营商 NAT 类型的疑问,宽带突然从 NAT 1 变成 NAT 3

坐标苏州移动,之前尝试过使用 Natter 和 natmap 进行打洞,使用一切正常,连接稳定,正常使用了约半年,NAT 类型测试一直是 NAT 1 (Fullcone)。

突然一天晚上发现连接失败了,排查后发现 NAT 类型变为 3 (Port-restricted Cone),无法打洞,期间一直没有修改过 OpenWRT 路由和光猫的相关配置,尝试过重启光猫和路由器无果。且本地另一条同套餐的移动宽带 NAT 类型仍然是 NAT 1,不知道为什么这条突然变成了 NAT 3。

不知道是否有相关的先例,有什么可能的原因或排查方向吗?
(之后我可能试试查看下光猫配置或联系移动客服,但现在不在设备边上不太方便)

使用 nattertool/natter:alpine 镜像,-m iptables 实际修改变为 nftables

原因在于 Alpine Linux 的变更:

main/iptables: make default iptables* links to nft variant
https://gitlab.alpinelinux.org/alpine/aports/-/commit/f87a191922955bcf5c5f3fc66a425263a4588d48

目前构建的 Docker 镜像已指向 nft 变体导致功能发生改变。
需要修正 Dockerfile。

用例:

$ docker run --rm --net=host --cap-add=NET_ADMIN --cap-add=NET_RAW nattertool/natter:alpine -m iptables

2024-02-20 12:53:39 [I] Natter v2.0.0-rc2
# Warning: iptables-legacy tables present, use iptables-legacy to see them
iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument
OSError: iptables >= (1, 4, 1) not available

显示调用为 iptables v1.8.10 (nf_tables)

提供查询接口

提供接口能查询到目前的公网ip:port 这样我好在其他应用里进行通知

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.