Score:0

Access to specific domain from specific IP in local network

I have some Docker containers with Firefox in my local network that are running on different ports like 5801, 5802, etc. So that only the device from which the launch was requested was accessible, I used a command like this:

iptables -I INPUT \! --src 1.2.3.4 -m tcp -p tcp --dport 5801 -j DROP

where 1.2.3.4 is a user IP.

But now I have made domain names for these containers. They work fine, but now anyone can connect to any container. So my question is, how do I allow only one user to access only one domain and drop everyone else?

For example:

  • user1 launches container1 with domain name sub1.domain.example
  • user2 launches container2 with domain name sub2.domain.example

And user1 should only have access to sub1.domain.example; user2 - only to sub2.domain.example.

I already tried to use ipset, but got this:
ipset v6.23: Cannot open session to kernel.

My server is a Synology NAS.

Score:0

You're solving this on the wrong layer. Don't try to solve it on the IP layer. That's just inflexible in most cases.

Implement some sort of authentication in the applications you serve, either directly, or with some authentication in front of it, such as oauth2-proxy.

If you implement a proper frontend, you could even just have example.com, and redirect users behind the scenes based on privileges.
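
A sketch of the "authentication in front of it" approach from the answer above, as an added example that is not part of the original thread. It assumes nginx is the reverse proxy serving the subdomains and that each container's port is published on loopback only; the htpasswd paths are hypothetical, and the source-address check reuses the 1.2.3.4 address from the question.

```nginx
# Added example. Assumptions: nginx is the reverse proxy, and each Firefox
# container publishes its port on 127.0.0.1 only (e.g. 127.0.0.1:5801), so
# the proxy is the only path in. The htpasswd file paths are hypothetical.

# A request whose Host header matches no container is closed without a reply.
server {
    listen 80 default_server;
    return 444;
}

# container1: the credentials file holds an entry for user1 only.
server {
    listen 80;
    server_name sub1.domain.example;

    auth_basic           "container1";
    auth_basic_user_file /etc/nginx/htpasswd/container1;

    # Optional second condition: the source address from the question's
    # iptables rule. "satisfy all" requires both the address and the login.
    satisfy all;
    allow 1.2.3.4;
    deny  all;

    location / {
        proxy_pass http://127.0.0.1:5801;
        proxy_set_header Host $host;
        # Assumption: the container's web UI uses WebSockets.
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

# container2: same pattern, credentials file holds user2 only.
server {
    listen 80;
    server_name sub2.domain.example;

    auth_basic           "container2";
    auth_basic_user_file /etc/nginx/htpasswd/container2;

    location / {
        proxy_pass http://127.0.0.1:5802;
        proxy_set_header Host $host;
    }
}
```

The decision is made per `server_name`, which a port-based iptables rule cannot see. Basic authentication sends credentials in clear text over plain HTTP, so the listeners belong behind TLS in an actual deployment.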
