rejetto forum
Software => HFS ~ HTTP File Server => Topic started by: youngbucks on July 03, 2008, 02:49:22 AM
-
I have a server set up and frankly i love hfs better than any other file server software ive used but i have a short problem now. I uploaded files to my server but when i try to download them it doesnt let me, even a text file i cant download. I keep getting "Unable to connect". It uses stunnel and i forwarded my ports and i connect fine but i cant download. Some assistance would be appreciated. Also when other people try to connect they get "connection refused by the host", and in the logs it shows no attempt of someone trying to connect. Ive searched through multiple threads and cant find a solution and id really like to get this fixed because i really like hfs.
You can try connecting here https://onpoint.gotdns.com/ .
-
welcome yb!
i can't help you because i never used stunnel, but i would have included the word "stunnel" in the topic, to catch the attention of stunnel users.
you can edit if you like.
-
Hello!
I do not know if this will solve your problem, but I can tell you a sample configuration.
Settings for stunnel.conf:
[https]
accept = 0.0.0.0:443 (Example PORT forwarded in your router)
connect = 127.0.0.1:44300 (Example PORT LISTENED BY HFS)
TIMEOUTclose = 0
You must also mention the port in the link for users
example:
https://onpoint.gotdns.com:443/
To avoid mentioning the port, you can also create a second domain name that will redirect the link to your HFS SSL.
Example (two parts):
http://onpoint.gotdns.com (URL entered by user)
A second domain name for redirection settled in DNS account (no-ip or DynDNS ...)
Example:
https://onpointssl.gotdns.com:443/
Starting from the first address, the user will be redirected to your SSL server without having to enter either the port or the real address of your server.
Hoping that this will help you.
PS/ Screen captures for HFS settings.
Example for access in my server.
http://silentpliz.serveftp.com
ID: test
PASS: test
-
First determine where the problem is. To test, don't use stunnel at all. Connect using HFS only, do your file transfers. If everything is working properly, then the problem is with your stunnel configuration.
-
Ok ive decided to start over again to pin point the problem easier, ive uninstalled HFS and downloaded v2.2 and set it up as follows. Without any domain name (I removed it) i would like one of you to try connecting here and see if you can connect http://192.168.0.100/ . I tried connecting through a proxy and no such luck. Does the fact that i have dynamic ip address pose a problem?
Here are my current settings:
Dlink port forwarding settings:
(http://img375.imageshack.us/img375/3043/14992803kd2.th.jpg) (http://img375.imageshack.us/my.php?image=14992803kd2.jpg)
Self test saying it is working fine:
(http://img379.imageshack.us/img379/3905/27884679mg6.th.jpg) (http://img379.imageshack.us/my.php?image=27884679mg6.jpg)
Settings in HFS:
(http://img357.imageshack.us/img357/7168/93748526im6.th.jpg) (http://img357.imageshack.us/my.php?image=93748526im6.jpg)
(http://img382.imageshack.us/img382/8923/94813683cu8.th.jpg) (http://img382.imageshack.us/my.php?image=94813683cu8.jpg)
(http://img382.imageshack.us/img382/1530/34285616md6.th.jpg) (http://img382.imageshack.us/my.php?image=34285616md6.jpg)
-
The address that you mentioned (192.168.0.100) is a local address IP.
This can not work that way.
You must use EXTERNAL IP or Domain Name, more your external port.
to find your external ip in hfs:
Menu > IP adresse > Find external IP
sample "valid" link >>>> http://188.41.48.116:80/
Red=External IP
Green= PORT listened by HFS
Set HFS for accept connections on any adress, and set IP Adresse on Your External IP number (or Domain Name)
-
This is the external ip adress 99.227.135.43 and the current port is 80.
-
This is the external ip adress 99.227.135.43 and the current port is 80.
Works.
-
Yeeaaa! :)
It just remains you to put files. ;)
-
Ok thanks guys now im going to put a file on it and tell me if you can download it please. Im gonna ask u guys to test it out as i go along to prevent another problem :D
Edit* Seems to be working, thanks to whoever just downloaded.. And sorry for the slow upload speed im currently using the internet lol ;D
-
test.part1.rar received .... cool :)
-
Thanks. ;) Im currently going to go and install stunnel once again and ill report back here shortly.
-
to follow ... ;D...
-
Do not use the SSL certificate supplied with STunnel, this is not safe, because it is always the same.
Consult the online help to make it with OpenSSL, or use a program like Filezilla SERVER to generate one.
Important about HFS and SSL:
http://www.rejetto.com/wiki/index.php/HFS:_Secure_your_server
-
Yeap i read that part and made my own lol :) ... Ok ive added stunnel to it and changed the port for HFS to listen on and now when i run self test it fails both with stunnel running and not running. The article i read stated "Do not forward port 44300 on your router." and so i didnt. You can once attempt to connect again http://99.227.135.43:44300/ . Settings are as follows:
DLINK:
(http://img301.imageshack.us/img301/3089/79449686tz7.th.jpg) (http://img301.imageshack.us/my.php?image=79449686tz7.jpg)
Firewall Settings:
(http://img301.imageshack.us/img301/5485/88814570sx4.th.jpg) (http://img301.imageshack.us/my.php?image=88814570sx4.jpg)
(http://img55.imageshack.us/img55/8075/38211340rp0.th.jpg) (http://img55.imageshack.us/my.php?image=38211340rp0.jpg)
Self Test:
(http://img354.imageshack.us/img354/7928/91109080xs1.th.jpg) (http://img354.imageshack.us/my.php?image=91109080xs1.jpg)
HFS Settings:
(http://img179.imageshack.us/img179/3803/30274465ww5.th.jpg) (http://img179.imageshack.us/my.php?image=30274465ww5.jpg)
(http://img530.imageshack.us/img530/7599/30475557od5.th.jpg) (http://img530.imageshack.us/my.php?image=30475557od5.jpg)
(http://img257.imageshack.us/img257/1554/89587234su0.th.jpg) (http://img257.imageshack.us/my.php?image=89587234su0.jpg)
-
It's OK, but the correct address is: https://99.227.135.43:443/
The port 44300 is the port listening by HFS, and is local.
The address for your user is the one cited above.
Edit: It is normal that the self test fails, do not worry, everything works fine!
-
So i should change the port of HFS to 443?
-
So i should change the port of HFS to 443?
NNNNNOOOO! ;D
(a link is sent to STunnel to port 443 and is accepted by the port 44300 on hfs.)
Users spend a STunnel, therefore, on port 443 ... your parameters are good.
Your links to users must point to the port 443 and not the port 44300
-
lol ok thanks alot for your help man ;D Im going to now add a domain name and link it to https://99.227.135.43 or https://99.227.135.43:443?.
Edit* i got a question and sorry if it comes out sounding stupid lol but isnt my HFS supposed to be https and not http?
Linked to onpointyb.kicks-ass.net . Please test :D
-
lol ok thanks alot for your help man ;D Im going to now add a domain name and link it to https://99.227.135.43 .
Edit* i got a question and sorry if it comes out sounding stupid lol but isnt my HFS supposed to be https and not http?
https://99.227.135.43 it's a link https, but it's STunnel which is the "interface" SSL. The exchanges with the outside world are made via STunnel ... So SSL (https).
-
Try https://onpointyb.kicks-ass.net for me plz ;)
-
OK... 5/5 ;) the link is good.
-
Thanks alot man you were a big help ;D
-
You'r welcome! ;D
-
I had forgotten ...
In Menu> IP Address> Custom ... add your domain name and 127.0.0.1 (one per line)
In Menu >"Accept connection on" and Menu > "IP Address", chosen 127.0.0.1
You shalt have nothing more to touch, when your dynamic IP will changing.
SilentPliz
-
So i change the current ip to 127.0.0.1 and accept connections on 127.0.0.1?
-
Oui... sorry, yes :D
-
lol ok... but doesnt that clash with the fact that i have this "\127.0.0.1" in my ban list?
-
The \ before 127.0.0.1 means that hfs accepts only connections from the address 127.0.0.1
-
Ok ive done that.. hope everthing goes fine when i release this to my team. Well be using this alot! 8)
-
If you do not forget to start your "client DNS " :) or put your domain name in your router (if the option is possible) ... you had to be quiet for a long time.