Hi Peter!
The high-level problem was to install Nginx on an Asuswrt-Merlin router to
reverse proxy certain websites through an established OpenVPN Split-Tunnel.
To do that, I had to ensure the Nginx Workers were using a specified Source
IP and/or Ephemeral Port which could be MARKed by iptables f
Gary,
This was interesting to read. There was one thing that wasn’t obvious to me
however.
What was the high level problem that you were solving with this specific
configuration?
Curiously
Peter
Sent from my iPhone
> On Oct 30, 2020, at 3:16 PM, garyc...@yahoo.com
> wrote:
>
> All:
>
All:
After reviewing the iptables chains workflow, I discovered that the Nginx
Worker (100.64.8.236:12345) outside interface was associated with the OUTPUT
chain.
(192.168.0.2:12345) OUTPUT ==>
(192.168.0.154:$po
All:
I discovered a single SYN packet being sent from 192.168.0.2:12345 (nginx
worker) when initiating traffic. Nothing more.
# netstat -anp|grep 12345
tcp0 1 192.168.0.2:12345 172.64.163.36:443 SYN_SENT
14176/nginx: worker
For whatever reason, that packet isn't show
X All:
I'm attempting to configure nginx to reverse proxy requests from
(192.168.0.2:12345) the same Internal Host Address that it's listening from
(192.168.0.2:443) on separate ports using the listen and proxy_bind
directives.
# /opt/sbin/nginx -v
nginx version: nginx/1.19.2 (x86_64-pc-linux-gn
