|
|
|
|
|
|
by 3np
2068 days ago
|
|
|
I'm in the exact same phase - been doing hosting/ops/sysadmin for most of my life but only starting to pay serious attention to the networking since recently. Something I've yet come up with a good solution for that I feel should be much more common and simple, maybe you can point me to the right direction for (and maybe the answer is iptables, urgh): (Containerized) P2P software that should be routed through some other endpoint before reaching/beaing reachable from the network. Example: Bitcoin full node or Bittorrent node running in a Docker container on one of my home servers (where the host runs other software too). For all intents and purposes I want the nodes to route traffic through a VPS in some other DC (in this case bridged via wireguard). Incoming's easy enough with reverse proxies/load balancers, but with all the UDP traffic on random ports, outgoing TCP connections, etc, I haven't figured out a way to make it not leak my IP in some way. Feels this should be dead easy but I'm stumped. Oh, and assume no support of SOCKS proxies in the software itself. I'm aware of hidden onion services but talking clearnet here. |
|
|
Failing that, you're probably stuck with iptables and maybe Linux namespaces.