caddyserver / forwardproxy

Forward proxy plugin for the Caddy web server
Apache License 2.0

Could not connect #70

Open marcus65001 opened 5 years ago

marcus65001 commented 5 years ago

1. Is bug reproducible with latest forwardproxy build?

Yes

2. What are you trying to do?

Trying to connect to the proxy

3. What is your entire Caddyfile?

a.example.com, b.example.com {
    forwardproxy {
        basicauth user1 123456
        ports 80 443 11001
        response_timeout 30
        dial_timeout     30
    }
    root /root/www
}

4. How is your client configured?

5. How did you run Caddy? (give the full command and describe the execution environment). If multiple servers are used (for example with upstream), describe those as well.

Under CentOS 7:

caddy -conf Caddyfile

6. Please paste any relevant HTTP request(s) here.

7. What did you expect to see?

The proxy working on all three ports.

8. What did you see instead (give full error messages and/or log)?

When I try on port 80, it gave me "404 Site google.com is not served on this interface" on Firefox and "ERR_TUNNEL_CONNECTION_FAILED" on Chrome.

On port 443, it gave me "Connection Reset" on Firefox and "ERR_EMPTY_RESPONSE" on Chrome.

On port 11001, it gave me "Connection Reset" on Firefox and "ERR_PROXY_CONNECTION_FAILED" on Chrome.

9. How can someone who is starting from scratch reproduce the bug as minimally as possible?

bcookatpcsd commented 4 years ago

cat -n proxy.conf

     1  :8118 {
     2      gzip
     3      root /srv/http
     4      log stdout
     5
     6      forwardproxy {
     7          hide_ip
     8          hide_via
     9      }
    10  }
    11

cat -n caddy.conf

     1  :80 {
     2      gzip
     3      # root /usr/share/caddy
     4      root /srv/http
     5      log stdout
     6  }
     7
     8  import caddy.conf.d/.conf

If I put the ports on the inside, Caddy will not start. I have not confirmed if the gzip actually works or not.

Logs look like this:

2020/02/06 12:27:19 192.168.40.190 - - [06/Feb/2020:12:27:19 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:20 192.168.40.190 - - [06/Feb/2020:12:27:20 -0500] "CONNECT / HTTP/1.1" 200 0
2020/02/06 12:27:20 192.168.40.190 - - [06/Feb/2020:12:27:20 -0500] "CONNECT / HTTP/1.1" 200 0
2020/02/06 12:27:20 [ERROR 502 ] Lookup of syndication.twitter.com failed: lookup syndication.twitter.com: no such host
2020/02/06 12:27:20 192.168.40.190 - - [06/Feb/2020:12:27:20 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:20 [ERROR 502 ] Lookup of imasdk.googleapis.com failed: lookup imasdk.googleapis.com: no such host
2020/02/06 12:27:20 192.168.40.190 - - [06/Feb/2020:12:27:20 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:21 [ERROR 502 ] Lookup of static.scroll.com failed: lookup static.scroll.com: no such host
2020/02/06 12:27:21 192.168.40.190 - - [06/Feb/2020:12:27:21 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:21 [ERROR 502 ] Lookup of cdn.tinypass.com failed: lookup cdn.tinypass.com: no such host
2020/02/06 12:27:21 192.168.40.190 - - [06/Feb/2020:12:27:21 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:21 [ERROR 403 ] No allowed IP addresses for www.npttech.com
2020/02/06 12:27:21 192.168.40.190 - - [06/Feb/2020:12:27:21 -0500] "CONNECT / HTTP/1.1" 403 14
2020/02/06 12:27:21 [ERROR 502 ] Lookup of c.amazon-adsystem.com failed: lookup c.amazon-adsystem.com: no such host
2020/02/06 12:27:21 192.168.40.190 - - [06/Feb/2020:12:27:21 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:22 [ERROR 502 ] Lookup of z-na.amazon-adsystem.com failed: lookup z-na.amazon-adsystem.com: no such host
2020/02/06 12:27:22 192.168.40.190 - - [06/Feb/2020:12:27:22 -0500] "CONNECT / HTTP/1.1" 502 16

caddy -plugins | grep forward
http.forwardproxy

caddy -version
v1.0.4

The 502s are DNS failures; adblocking.

HTH
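
An added example, not part of the thread or of the forwardproxy project: a small triage script for logs in the format shown in the comment above. It pairs each `[ERROR nnn]` line with the access line that follows it, so failed CONNECTs can be split into DNS failures, "No allowed IP addresses" refusals, and failures with no logged cause. It assumes the error line immediately precedes its access line, as in the excerpt; the cause labels and function name are illustrative.

```python
import re
from collections import Counter

# Constructed sample: six lines taken from the log excerpt in the comment above.
SAMPLE_LOG = """\
2020/02/06 12:27:19 192.168.40.190 - - [06/Feb/2020:12:27:19 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:20 192.168.40.190 - - [06/Feb/2020:12:27:20 -0500] "CONNECT / HTTP/1.1" 200 0
2020/02/06 12:27:20 [ERROR 502 ] Lookup of syndication.twitter.com failed: lookup syndication.twitter.com: no such host
2020/02/06 12:27:20 192.168.40.190 - - [06/Feb/2020:12:27:20 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:21 [ERROR 403 ] No allowed IP addresses for www.npttech.com
2020/02/06 12:27:21 192.168.40.190 - - [06/Feb/2020:12:27:21 -0500] "CONNECT / HTTP/1.1" 403 14
"""

ERROR_RE = re.compile(r"\[ERROR (\d{3}) \] (.*)$")
ACCESS_RE = re.compile(r'^\S+ \S+ (\S+) \S+ \S+ \[[^\]]+\] "(\S+) [^"]*" (\d{3}) \d+$')
DNS_RE = re.compile(r"^Lookup of (\S+) failed: .*no such host$")
ACL_RE = re.compile(r"^No allowed IP addresses for (\S+)$")

def triage(log_text):
    """Pair each [ERROR nnn] line with the access line that follows it."""
    causes = Counter()   # (cause, host) -> number of failed CONNECTs
    unexplained = []     # failed requests with no preceding error line
    pending = None       # (status, cause, host) from the last error line
    for line in log_text.splitlines():
        err = ERROR_RE.search(line)
        if err:
            status, msg = err.group(1), err.group(2)
            dns, acl = DNS_RE.match(msg), ACL_RE.match(msg)
            if dns:
                pending = (status, "dns_no_such_host", dns.group(1))
            elif acl:
                pending = (status, "no_allowed_ip", acl.group(1))
            else:
                pending = (status, "other", msg)
            continue
        acc = ACCESS_RE.match(line)
        if not acc:
            continue
        client, method, status = acc.groups()
        if pending and pending[0] == status:
            # Assumption: the error line directly precedes its access line.
            causes[pending[1:]] += 1
        elif status.startswith(("4", "5")):
            unexplained.append((client, method, status))
        pending = None
    return causes, unexplained
```

On the sample, the first 502 lands in `unexplained` because the excerpt starts after its error line; on a full log, entries there are the ones worth investigating beyond DNS filtering.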