PrusaLink isn't accessible via other network interface
Hello
I have a problem with accessing PrusaLink (web interface) via other network interface, than default eth0. I am using PrusaLink 0.6.1 and Raspberry Pi 4.
I installed the system image by the standart way. And because I have somoe special network setting and "stuff", I want raspberry (with PrusaLink) in other network (security reasions, network architecture, etc.). And because I dont have ability to get cable direct from my network 48-port managment switch to the PrusaLink, I must use VLANs on raspberry.
So Iam set VLANs according to this manual, except small modification (VLAN ID etc.)... And network part of Raspberry get worked - RPi now have 2 IP adresses from others subnets. I can connect with SSH through both interfaces (physical and VLAN), so I thing the networking is correct.
BUT - I can acess prusalink web-managment only throught physical eth0 IP adress. When I want to connect to Web interface through VLAN eterface (f.e. eth0.123) I get "ERR_CONNECTION_REFUSED" in Chrome.
My finally plan is going to "disable" eth0 interface, so raspberry can't comunicate throught eth0 to main network (I tried it also, but the web via eth0.123 was unavailable).
So my "theory" is that PrusaLink ignores connection from others network interface than default eth0 (and maybe wlan0; I don't know - I don't use WiFi).
Do you now where can be a problem? Or any way to fix this issue?
PS: I am not a "linux expert", so it is possible that I must set somethong baisic, but I dont know about it.
Thank you verry much for help
Tomas
Best Answer by Tojik:
Hi,
Linux apps have to be root to have access to port 80 - you wouldn't want a regular user to replace what gets served by a web server.
It is a best practice to not run your apps as root either, so you either start as root, claim the port 80 then re-run your program under a normal user
or you redirected the port 80 to 8080 as root, then serve on the 8080 with normal privileges instead - (I now see that this circumvents the original fix somewhat. Meh, thanks for asking this. I'll ask my boss why he chose to do it this way)
Anyway, we set up the redirects in /etc/rc.local
iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j REDIRECT --to-port 8080 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
As your new NIC is not there, it does not get redirected the port 80 to it. So either add a line for your interface or try connection using the port 8080
'http://prusalink.local:8080' might work.
This is the first thing that came to mind, if it's not this, we'll have to look deeper.
Sorry for the trouble and thanks for trying out PrusaLink
RE: PrusaLink isn't accessible via other network interface
Hi,
Linux apps have to be root to have access to port 80 - you wouldn't want a regular user to replace what gets served by a web server.
It is a best practice to not run your apps as root either, so you either start as root, claim the port 80 then re-run your program under a normal user
or you redirected the port 80 to 8080 as root, then serve on the 8080 with normal privileges instead - (I now see that this circumvents the original fix somewhat. Meh, thanks for asking this. I'll ask my boss why he chose to do it this way)
Anyway, we set up the redirects in /etc/rc.local
iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j REDIRECT --to-port 8080 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
As your new NIC is not there, it does not get redirected the port 80 to it. So either add a line for your interface or try connection using the port 8080
'http://prusalink.local:8080' might work.
This is the first thing that came to mind, if it's not this, we'll have to look deeper.
Sorry for the trouble and thanks for trying out PrusaLink
RE: PrusaLink isn't accessible via other network interface
Hi,
Linux apps have to be root to have access to port 80 - you wouldn't want a regular user to replace what gets served by a web server.
It is a best practice to not run your apps as root either, so you either start as root, claim the port 80 then re-run your program under a normal user
or you redirected the port 80 to 8080 as root, then serve on the 8080 with normal privileges instead - (I now see that this circumvents the original fix somewhat. Meh, thanks for asking this. I'll ask my boss why he chose to do it this way)
Anyway, we set up the redirects in /etc/rc.localiptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j REDIRECT --to-port 8080 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080As your new NIC is not there, it does not get redirected the port 80 to it. So either add a line for your interface or try connection using the port 8080
'http://prusalink.local:8080' might work.This is the first thing that came to mind, if it's not this, we'll have to look deeper.
Sorry for the trouble and thanks for trying out PrusaLink
Yes, it wasi it 😀! Via IP on eth0.123 and port 8080 I can access web-ui, so I set "port-forward" (as you wrote). And now I can access prusalink web-ui normal on port 80 via VLAN NIC. Thank you very much!
I didn't know about this fact, that you nativelly run web-ui on port 8080 and acess from 80 is done by port-forward (maybe I could have tried the port scanner, but I didn't think of that 😓; Sorry).
If that fact (redirecting) was mentoiden somewhere in documentation, i would like to very sorry.
Again - Thank you very much for your help with this problem. I simply mustn't using thing in normal way and must do something special and ""bother" others for help 😅.
Thank you!
RE: PrusaLink isn't accessible via other network interface
No problem, I don't think it's documented in this version. I have it in the new readme but that's not public yet. Just wanted to say. You weren't bothering anyone, no need for the self deprecating comment 🙂
Maybe I'm wrong, in which case I am sorry for reccommending this. Check out HealthyGamerGG on YT, it helped me.
Cheers