Thank you for asking. Here are more details about what I want to offer. I have never heard anything like this before.
I would like to use this forwarding function in different ways. One is that I want to offer sightseeing walks. On this walks I want to show a PowerPoint-presantation on the mobile devices of the participants. I use a presentation software running on a tablet that is connected by LAN to my router. That software shows the presentation at http://192.168.1.2:4316/main. Because of the port 4316 it doesn't work to just edit the /etc/hosts file.
What I want is that the participants log in to my wifi and will be directly forwarded to the local address. And if they type any other address or if the search something on Google or anything else they should be forwarded to the presantation on 192.168.etc.
There are two problems right now. 1. What is the best way to setup the forwarding function? 2. Since I do not offer an internet connection the devices do not want to connect to my wifi. Is there a way to simulate an internet connection?
Last edited by brittany123 on Tue May 25, 2021 10:23; edited 1 time in total
What you want to do is setup your web server to respond to ANY URL queries. This is the default for Apache in fact. Then you setup your DNS server with a wildcard so that any query for any hostname will be sent to your webserver's IP address. Normally wildcards in DNS are bad bad bad and this example (private network not connected to the Internet) is one of the few examples I have ever seen that justifies their use. As for the weird port number, once more that is handled by the redirect on your webserver.
You aren't the first person to think of this, by the way.
Dear tedm, thank you very much for your response. I would like to test your suggestion but I have a question first. I only have a computer/tablet with a regular Ubuntu 20.04 and my router. I will not be at home and will not have a server available. Does your suggestion work anyway? Do I have to install something like LAMP on my Ubuntu? Do I have to setup my router in any special way?
Most of these are tricks that the author has thought up to show how clever he is, but if you have any of these already installed (my guess is you do) then you can use one without the bother of installing a "real" webserver. Then all you would need is an index.html page that would contain an HTTP redirect to your actual presentation software and port number. It could even redirect to the IP address and port number URL you posted if it needs to.
Here's instructions for what you need in a simple index.html page
The port forward @wildlion has already covered (and yes check the syntax)
All the baloney traffic devices send (update requests, etc) will be ignored since your tablet isn't going to have a service active on those ports but you can use the ufw firewall if you like to just allow only port 80 and port 4316 to be open:
So if I open manually 127.0.0.1:8000 I am forwarded to 192.168.1.etc. But how do I set up the wildcard? It seams to me that I should install dnsmasq or is there a way to set a wildcard in dd-wrt on the router? And if not, can someone explain a little bit more, how to set the wildcard?
I think you have lost me... are you running the python3 web server on the router or the desktop?
Port forwarding and port range forwarding are for traffic from the WAN to the LAN.
The problem should be very simple, you have a server setup on the LAN, if you can direct connect (ie type in the ip address of the webserver/port from one device on the LAN) then the webserver is setup correctly.
Then from the router you just override all traffic to point to that server. So have dnsmasq on dd-wrt set using:
(where 192.168.1.2 is the ip address of the server you want everything to resolve to be)
This will only do things if people type in (dd-wrt.com or something similar), thus the rest is done by iptables either on the router or the server to redirect the ports to the correct port (ie 80 to 4316), and then if people try to type in ipaddress manually have the iptables on the router redirect all traffic to other ip addresses to the server.
This will get the majority of the cases, (if people are running dns over https or similar) they will time out since you are not providing that.
My question is, is there any chance to forward queries on port 443 to 80? Would it be helpful to run the web server on the router or to run iptables on the router?
https negotiations take place after DNS redirects and before web-server redirects. Your python web server must establish an https connection to the web browser before it can issue the http redirect. Also, even if you DID run a version of python that could setup as an https server, the client would get an https invalid certificate error unless they used a hostname listed in the certificate. And no certificate authority on the Internet will issue a certificate with a hostname of *
I have to ask how stupid are your users? This is a TOUR you are talking about. Tell the users to go to http://whatevertheheckmynameis.com and have the tour guide EXPLICITLY tell them to use http:// not just type in whatevertheheckmynameis.com into their browser.