Bitcoin Forum
May 04, 2024, 06:53:09 AM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Bitcoin / Bitcoin Technical Support / Full node through VPN on: February 07, 2018, 12:59:19 AM
Sorry for not being closely bitcoind related issue, but any help is appreciated:

1. I successfuly setup my bitcoin full node based on bitcoind 0.15.1 running on odroid hc1 with ubuntu and ssd disk connected through hc1 sata. I really like the compact setup. It has synced today in less then 2 days
2. I run it in my home network, connected to internet via cable to home router. I don't have public IP, as my ISP does not provide it, exposes one shared outside IP
3. I have unlimited data plan so I am trying to achieve that my node is reachable by other nodes so I
    - setup OpenVPN server on small ubuntu VPS with public IP I have, seems to work correctly
    - setup OpenVPN client on my odroid, seems to work
    - setup tunneling of traffic through OpenVPN server (https://linode.com/docs/networking/vpn/tunnel-your-internet-traffic-through-an-openvpn-server/)
4. After setup, my odroid annouces IP address of VPN server (wget -qO- http://ipecho.net/plain ; echo), and keeps multiple connections to other nodes

However when I try to reach my node through Bitnodes or other port checker I get port 8333 (and actually all other common ports except 22) closed.

I am using iptables-persistent with rules advised in linode docs, where I added rules for bitcoin mainnet / testnet / lightning ports. I have ufw firewall rules (but ports does not work with ufw disabled anyway). I have net.ipv4.ip_forward=1 enabled in /etc/sysctl.d/99-sysctl.conf and openvpn server.conf setup accordingly on my VPS.

Here are mine /etc/iptables/rules.v4, once again any help appreciated

Code:
                                        File: /etc/iptables/rules.v4

# Generated by iptables-save v1.6.0 on Wed Feb  7 00:59:06 2018
*nat
:PREROUTING ACCEPT [3:185]
:INPUT ACCEPT [2:88]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.89.0.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.89.0.0/24 -o eth0 -j MASQUERADE
COMMIT
# Completed on Wed Feb  7 00:59:06 2018
# Generated by iptables-save v1.6.0 on Wed Feb  7 00:59:06 2018
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -s 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p icmp -m state --state NEW -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 22 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 8333 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 18333 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 9735 -j ACCEPT
-A INPUT -i eth0 -p udp -m state --state NEW,ESTABLISHED -m udp --dport 1194 -j ACCEPT
-A INPUT -i eth0 -p udp -m state --state ESTABLISHED -m udp --sport 53 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 53 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 443 -j ACCEPT
-A INPUT -i tun0 -j ACCEPT
-A INPUT -m limit --limit 3/min -j LOG --log-prefix "iptables_INPUT_denied: "
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i tun0 -j ACCEPT
-A FORWARD -s 10.89.0.0/24 -i tun0 -o eth0 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -m limit --limit 3/min -j LOG --log-prefix "iptables_FORWARD_denied: "
-A FORWARD -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p icmp -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 22 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 8333 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 18333 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 9735 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m state --state ESTABLISHED -m udp --sport 1194 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m state --state NEW,ESTABLISHED -m udp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 80 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 443 -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -m limit --limit 3/min -j LOG --log-prefix "iptables_OUTPUT_denied: "
-A OUTPUT -j REJECT --reject-with icmp-port-unreachable
COMMIT
2  Bitcoin / Development & Technical Discussion / How does HD wallet recovery from seed recovers all used addresses? on: January 10, 2018, 04:37:30 PM
Hi, I have just migrated my paper wallet to new Ledger wallet. Ledger uses one 24 words seed, that is able to recover the wallet(s) in case something bad happens...

On high level, I understand that all wallet addresses private/public keys are define from single private key, that is recoverable using the seed.
What I do not get, how the wallet app that I would use for potential recovery process "knows" how many addresses I actually generated/used and have unspent outputs (meaning BTC).
As Ledger generates new derived address for each tx and presumably new address for each tx change, there can be arbitrary number of addresses that had been used - and this is uknown to the recovery seed / wallet.

How does then the recovery wallet app rebuilds from seed the wallet with all relevant addresses?
Thx and sorry if it turns out to be stupid question...
mvan
3  Bitcoin / Hardware wallets / Ledger Nano S - issue with setting default chain for BTC and BCH wallets on: January 10, 2018, 04:04:59 PM
Hi, I have just got fresh new Ledger Nano S. After setup I successfully transferred my BTC and BCH balances form paper wallets to BTC (segwit) and legacy BCH address - for this I choosed to connect to BCH chain when asked by wallet app. All smooth. I then realized there is dedicated BCH  app I can install from ledger app manager. Did it and then I tried to check the checkbox to setup default chains to connect to from either wallet (BTC for BTC wallet and BCH for BCH wallet) - so I could get rid of annoying prompt.

However, when I reconnect to check it, the default setting applies for both wallets, so I see BTC account/balance from both BTC / BCH wallets. When I try to change it through Settings > set blockchain in BCH wallet, the setting changes, but, helas, once again for both ledger wallets - after reconnecting I see BCH in my BTC wallet...

Did somebody went through this?
Thx in advance
mvan
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!