nullbirf-hfs
doesn't need any installation. Just download the JAR file from any release, create a config file
and run the program:
java -jar nullbird-hfs-core-1.2.3.jar proxy-conf.json
nullbirf-hfs
need Java 17 or greater. You can see your java version with java -version
.
To install Java 17, you can either :
- Download it from your store (Linux)
- On Ubuntu you can get it through
sudo apt install openjdk-17-jre
- On Ubuntu you can get it through
- Download it from the official distros
The program comes bundled with a template of a config file. In order to use it, run the program with the following parameter:
java -jar nullbird-hfs-core-1.2.3.jar --save-config-template template.json
Then, have a look at the file template.json
and tweak it to fit your needs.
On Linux, you cannot listen to a port below 1024 without doing something special. You can:
This is discouraged. Root should be reserved for the system.
Install authbind
and run the following as root
:
touch /etc/authbind/byport/80 /etc/authbind/byport/443
chown <user>:<group> /etc/authbind/byport/80 /etc/authbind/byport/443
chmod 700 /etc/authbind/byport/80 /etc/authbind/byport/443
This way, the user <user>
will be allowed to run programs that listen to the ports 80
and 443
.
You then need to launch hfs with the following command:
authbind java -jar nullbird-hfs-core-1.2.3.jar proxy-conf.json
Run the following as root
:
/sbin/iptables -A FORWARD -p tcp --destination-port 443 -j ACCEPT
/sbin/iptables -t nat -A PREROUTING -j REDIRECT -p tcp --destination-port 443 --to-ports 8443
/sbin/iptables -A FORWARD -p tcp --destination-port 80 -j ACCEPT
/sbin/iptables -t nat -A PREROUTING -j REDIRECT -p tcp --destination-port 80 --to-ports 8080
# below needed for local access
/sbin/iptables -t nat -I OUTPUT -p tcp -o lo --dport 80 -j REDIRECT --to-ports 8080
/sbin/iptables -t nat -I OUTPUT -p tcp -o lo --dport 443 -j REDIRECT --to-ports 8443
Then, all requests to the port 80
of your host will be forwarded to port 8080
and all requests
to the port 443
to the port 8443
. You can then run nullbird-hfs
on ports http 8080
and https 8443
.
The drawback of this method is that both ports 8080
and 8443
are opened to the outside.