[nos-bbs] https support web based BBS access (mod_proxy)

M Langelaar maiko at pcsinternet.ca
Fri Nov 19 11:52:19 EST 2021 

Good morning,

This feature requires you to run apache with mod_proxy capabilities. 
I'll leave
it to you to get that done on your own. If you don't have apache or 
don't want
to install it then this is not for you. If you can get it work for NGINX 
as well ?

See my danger warning about proxying at the end of this email - 
important to read !

This will all be added to the j2addendum 'soon', but in case people want 
to play :)

Including other improvements as well, the latest bbs10000.c from the 
offiical
rsync site has support for anyone wanting SECURE access to the JNOS port
10000 web based user bbs interface. You can just grab the one file if 
that's all
you are interested in. The procedure is as follows :

1) edit your config.h and add the following entry at the top :

     #define APACHE_MOD_PROXY_BBS10000

2) grab the latest bbs10000.c from the rsync site

3) compile your jnos (don't have to do a mass compile) as follows :

     rm bbs10000.o ; make

4) edit your httpd.conf and INSIDE of your virtual host :443 add these
     two entries (replacing the IP information with whatever your internal
     JNOS ip address happens to be, these are from my system) :

     ProxyPass "/jnosbbs" "http://192.168.4.201:10000"
     ProxyPassReverse "/jnosbbs" "http://192.168.4.201:10000"

The #define I mentioned earlier relies on the exact jnosbbs suffix, so
just make sure your ip address is correct, the port is the default.

There is a danger of running this in proxy mode, regardless of doing
it this way or using that perl tcp redirect proxy I mentioned before. The
way JNOS does it`s `callback`management is that it depends on unique
IP addresses to figure out which session an incoming user should be using
internal to JNOS. With proxy mode, the danger is if someone is already
connected ? any subsequent user will be greeted with and be allowed to
interact with that calls session, and see and affect everything going on !

That is very dangerous. SO, if you are going to proxy to the internet,
then do NOT make your link public. I am trying to find a way to deal
with this, and making some progress, but it's not done yet. You've
been warned.

But for personal use, and firewall rules, this might be very handy for
those that want to check their JNOS systems via web interfaces, ie:
on a phone or something. I'll try and figure this conflict out asap.

Maiko / VE4KLM

More information about the nos-bbs mailing list