![]() # Stop the service gracefully if the network goes down. It is a safe bet that the DNS is able to run now. # Only start this service after the httpd user process has started. # Starting this service job will also start the nxfilter-setup task job # Add port redirection to serve DNS queries on one of the non-privileged portsĬreate an nf file in /etc/init/ with the following content: description "Starts the NxFilter DNS server on a non-privileged port at NAS startup" # Since Synology DS115j NAS does not support nat tables out of the box we will add this first. # to let the DNS server use one of the higher, non-privileged ports # As solution this uses local port redirection # but root is actually required to bind to Port 53 (for DNS) # Note: Running as root (the default) is a bad idea, # Only start this task when the nxfilter service job is starting ![]() # output is logged to a file in directory /var/log/upstart/ The setup and teardown tasks will be invoked automatically." ![]() Usage "Start NxFilter simply with 'start nxfilter'. Tear down the port redirection, with root privilegesĬreate an nf file in /etc/init/ with the following content: description "Prepares the system to start the NxFilter DNS server on a non-privileged port at NAS startup".Setup the port redirection, with root privileges. ![]() However, the job needs to be split in 3 parts: To keep the NxFilter DNS server automatically running over NAS reboots, you can create an Upstart job configuration, that will cause a job to run at startup and shutdown of the NAS. Rmmod /lib/modules/nf_nat.ko Using Upstart to keep it running Iptables -t nat -D PREROUTING -p udp -dport 53 -j REDIRECT -to-port 8053 This should produce the following log on the console:Ĭheck the presence of the admin GUI at Now let’s shut it down again for the moment. Then try to run it testwise using the provided startup script /volume1/homes/NxFilter/bin/startup.sh Iptables -t nat -A PREROUTING -p udp -dport 53 -j REDIRECT -to-port 8053 You will need to start Nxfilter via the SSH console, which requires you to log in as root (using the administrator password) ssh have the port forwarding working, add the following kernel modules and add the rule: insmod /lib/modules/nf_nat.ko (Hint: to use the convenient online text editor, first rename the file to ) Editing the NxFilter config fileĮdit the port configuration to this, for example (with an added line for the DNS port): http_port = 8080 To do so, edit the home/conf/cfg.default file and save it as cfg.properties file. To avoid avoid the necessity to run as root, you should use an alternative port for the NxFilter admin GUI as well as the DNS service.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |