IPFire Community

Reroute xxxx.com to lokal ip of nextcloud?

joeko (joern kortum) 11 July 2024 18:49 1

hi there,
i use a lokal nextcloud on 123.123.123.10.
with letsentcrypt i got an certificat for https. on the smartphone i use the nextcloud app with an dynamic domaine service (xxxx.com)
on windows i can modify the hostfile to
123.123.123.10 xxxx.com

on windows i will reroute to the nextcloud on this way.
now i have tried it on ipfire with add host.
but after these settings i can see on the traffic that the smartphone (with wifi connected to lokal lan in green zone) go to the internet back to me home to the nextcloud.

is it not possible that ipfire reroute the public adress xxxx.com direkt to the lokakal adress 123.123.123.10 ?

tphz (iptom) 12 July 2024 07:50 2

Is this the true address of your internal network?

edit

Regards

nickh (Nick Howitt) 12 July 2024 09:21 3

The IPF hosts file should do it, as long as the device is using IPF for its DNS.

1 Like

joeko (joern kortum) 12 July 2024 09:43 4

123.123.123.10 is not the real adress
real ist 192.168.120…

joeko (joern kortum) 12 July 2024 09:47 5

hmm, over network/host or over ssh ?
the smartphone is conneted to an fritz repeater and the repeater is connected to the the nic to blue zone. all fine no problem.
but if i connect (smartphone connected to wifi) i can see that the route go over the internet and not lan from ip blue to ip nextcloud

bbitsch (Bernhard Bitsch) 12 July 2024 10:05 6

Do you mean mobile net with ‘internet’?
Then just switch off the mobile internet access while connected to your local WLAN.

joeko (joern kortum) 12 July 2024 11:20 7

also than

(phone=) 192.168.220.4 > 192.168.250.98 out 149.xxx.153.xxx
149.xxx.153.xxx in 192.168.250.98 > 192.168.240.2 (=nextcloud)

for me it looks like the traffic go over the net back to the fritzbox-ipfire-nextcloud

joeko (joern kortum) 12 July 2024 11:22 8

should it not be
(phone=) 192.168.220.4 > 192.168.250.98 to 192.168.240.2 (=nextcloud) ?

1 Like

bbitsch (Bernhard Bitsch) 12 July 2024 11:34 9

Could you specify your local networks, please?
What is network 192.168.220.0/24, network 192.168.240.0/24, device 192.168.250.98?

joeko (joern kortum) 12 July 2024 12:24 10

192.168.250.98 = sbc to router or fritzbox
192.168.240.2 = blue with the nextcloud
192.168.220.2 = green and with fritz repeater as ap

the phone has 192.168.220.4

tphz (iptom) 12 July 2024 12:57 11

And where is this subnetwork?

joeko (joern kortum) 12 July 2024 13:25 12

subnetwork is 255.255.255.0
but i set the dns on 192.168.220.1 to 192.168.250.1
the fritzbox

bbitsch (Bernhard Bitsch) 12 July 2024 13:50 13

How does your smartphone access the nextcloud server?
By FQDN? Is it reolved to a local blue address?
By IP? Is it an IP of blue ( 192.168.240.0/24)?
The access from green to blue should work according to chapter ‘Default zone ruleset’ of www.ipfire.org - Firewall Default Policy

joeko (joern kortum) 12 July 2024 14:07 14

regulary i use the nextcloud app with an dnydns account (xxxx.com)
if i connect in my wlan to this address than show me ipfire a connection from phone to sbc to net and from net to nextcloud. now i have tried over a browser with lan ip of nextcloud 192.168.240.2 and i can see in the traffic a connection from 192.168.220.4 (phone) to 192.168.240.2 (nextcloud) direkt

bbitsch (Bernhard Bitsch) 12 July 2024 15:19 15

You connect with your nextcloud app to your DynDNS name ( a FQDN ), mync.ddns.de for example. Am I right?

If 149.xxx.153.xxx is your public IP ( from your ISP ), then the connection is right.

the app sends a DNS request for mync.ddns.de
the DNS server answers with 149.xxx.153.xxx ( the registered IP for the hostname )
the app connects to the IP given
IPFire gets a destination IP, which isn’t inside the known local nets
the packet is sent on red to the fritzbox
the fritzbox knows this IP as it’s WAN address and therefore forwards the packet to IPFire ( the client connected on his LAN )
IPFire forwards the packet according to its config to the local nextcloud server

joeko (joern kortum) 12 July 2024 15:27 16

yes right.

on windows i modified the host and if i open xxxx.com than the host reroute it to the lan ip without public dns.
today i have tried this on ipfire without sucess. is this not possible ?

bbitsch (Bernhard Bitsch) 12 July 2024 15:48 17

You can add the host’s definition to IPFire. But you must force your smartphone to use the DNS server of IPFire. If the nextcloud app asks any other DNS server your modification isn’t relevant for the request.

joeko (joern kortum) 12 July 2024 16:03 18

no, if i use the xxxx.com adress than the route go over the net. if i set host entrie or not, no different.

if i use the lan ip than ipfire route direkt without net.

both also with a browser.
it confused me a little

bbitsch (Bernhard Bitsch) 12 July 2024 16:13 19

Then your clients do not really ask IPFire only for DNS name resolution.
If there is an entry (xxx.com address, 192.168.240.2) in Network → Edit Hosts ( see www.ipfire.org - Edit Hosts ), unbound -IPFire’s DNS resolver- answers with the local address to a question for the nextcloud FQDN.

The clients should have cleared their DNS cache before, also.

joeko (joern kortum) 12 July 2024 16:15 20

yes but not here
do i have to reboot or so ?