未分類
30 8 月 2020

tinyproxy 在多网卡绑定非主路由网卡的时候回程无数据,该排查哪?

tinyproxy 在多网卡绑定非主路由网卡的时候回程无数据,该排查哪?

資深大佬 : phpfpm 8

proxy 的路由表:

[email protected]:/etc/tinyproxy# ip route default via 192.168.0.1 dev enp2s0 172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 192.168.0.0/24 dev enp2s0 proto kernel scope link src 192.168.0.138 192.168.20.0/24 dev wlp4s0 proto kernel scope link src 192.168.20.112

tinyproxy 的配置:

Port 8888 Listen 192.168.0.138 Bind 192.168.20.112 #BindSame yes

curl via proxy 的现象:

$ curl https://xxx/ip -x http://proxy.server:8888 -vvv *   Trying 192.168.0.138:8888... * TCP_NODELAY set * Connected to proxy.server (192.168.0.138) port 8888 (#0) * allocate connect buffer! * Establish HTTP proxy tunnel to xxx:443 > CONNECT xxx:443 HTTP/1.1 > Host: xxx:443 > User-Agent: curl/7.68.0 > Proxy-Connection: Keep-Alive >  * Proxy CONNECT aborted * CONNECT phase completed! * Closing connection 0 curl: (56) Proxy CONNECT aborted

所以总结一下现象是 proxy.server 的 8888 端口可以连上,去程 ok,回程挂了。

tinyproxy 的 log:

INFO      Sep 12 07:31:21 [410600]: Initializing tinyproxy ... INFO      Sep 12 07:31:21 [410600]: Reloading config file INFO      Sep 12 07:31:21 [410600]: Added address [192.168.0.138] to listen addresses. INFO      Sep 12 07:31:21 [410600]: Outgoing connections bound to IP 192.168.20.112 INFO      Sep 12 07:31:21 [410600]: Setting "Via" header to 'tinyproxy' INFO      Sep 12 07:31:21 [410600]: Adding Port [443] to the list allowed by CONNECT INFO      Sep 12 07:31:21 [410600]: Adding Port [563] to the list allowed by CONNECT INFO      Sep 12 07:31:21 [410600]: listen_sock called with addr = '192.168.0.138' INFO      Sep 12 07:31:21 [410600]: trying to listen on host[192.168.0.138], family[2], socktype[1], proto[6] INFO      Sep 12 07:31:21 [410600]: listening on fd [0] INFO      Sep 12 07:31:21 [410600]: Now running as group "tinyproxy". INFO      Sep 12 07:31:21 [410600]: Now running as user "tinyproxy". INFO      Sep 12 07:31:21 [410600]: Setting the various signals. INFO      Sep 12 07:31:21 [410600]: Creating child number 1 of 10 ... INFO      Sep 12 07:31:21 [410600]: Creating child number 2 of 10 ... INFO      Sep 12 07:31:21 [410600]: Creating child number 3 of 10 ... INFO      Sep 12 07:31:21 [410600]: Creating child number 4 of 10 ... INFO      Sep 12 07:31:21 [410600]: Creating child number 5 of 10 ... INFO      Sep 12 07:31:21 [410600]: Creating child number 6 of 10 ... INFO      Sep 12 07:31:21 [410600]: Creating child number 7 of 10 ... INFO      Sep 12 07:31:21 [410600]: Creating child number 8 of 10 ... INFO      Sep 12 07:31:21 [410600]: Creating child number 9 of 10 ... INFO      Sep 12 07:31:21 [410600]: Creating child number 10 of 10 ... INFO      Sep 12 07:31:21 [410600]: Finished creating all children. CONNECT   Sep 12 07:31:26 [410602]: Connect (file descriptor 6): web.server [192.168.0.178] CONNECT   Sep 12 07:31:26 [410602]: Request (file descriptor 6): CONNECT xxx:443 HTTP/1.1 INFO      Sep 12 07:31:26 [410602]: No upstream proxy for xxx INFO      Sep 12 07:31:26 [410602]: opensock: opening connection to xxx:443 INFO      Sep 12 07:31:26 [410602]: opensock: getaddrinfo returned for xxx:443 ERROR     Sep 12 07:33:37 [410602]: opensock: Could not establish a connection to xxx INFO      Sep 12 07:33:37 [410602]: no entity

emm 看起来是 opensock 的问题么?

大佬有話說 (0)