I have next setup:
Local host - my work PC
Project VM - Vagrant box with project files, runned on my work PC
Remote host - remote PC, from which I need to access hosts on Project VM
Project VM setup (/etc/hosts on Local host):
192.168.100.102 host1.vm.private
192.168.100.102 sub1.host1.vm.private
192.168.100.102 sub2.host1.vm.private
"host1" subdomains resolved by application router and served by nginx (config for "host1.vm.private" on Project VM):
server {
listen 80;
server_name ~^(.+\.)?host1\.vm\.private$;
...
}
I need to make "sub(1|2|N).host1.vm.private" reachable from remote host. How this can be done?
So, i found the solution: Trouble SSH Tunneling to remote server
The main issue is that invalid HTTP header was sent and nginx cant resolve a virtual host.
Run on local PC ssh -R 8888:192.168.100.102:80 <remote_pc_credentionals>. Or, run "inversed" command with ssh -L flag on remote PC.
Add "sub1.host1.vm.private" to /etc/hosts on remote PC: 127.0.0.1 sub1.host1.vm.private
OR
Send "Host" header with each request: curl -H "Host: sub1.host1.vm.private" "http://localhost:8888/some/path"
Related
I'm trying to setup port forwarding from localhost to a local server using socat. The server is available via http://my-local-domain.
Here is what I tried:
socat -d -d tcp-listen:8081,reuseaddr,fork tcp:my-local-domain:80
When I open the browser and go to http://localhost:8081, I see my original localhost page, not the page when I navigate to my-local-domain.
How does one create port-forwarding to a local domain using socat?
I found that I'm not able to use Port 80 because the Host appears as localhost to NGINX, and so localhost serves the request [which would explain the original issue].
You can verify this by:
Opening nginx.conf
Adding ..."Host=$host"... to the log_format
Tailing the access logs [tail -f /usr/local/nginx/logs/access.log]
You'll notice that Host is always localhost, and so localhost serves the request.
The way to solve this is to change the Host info from localhost to my-local-server:
Localhost:8081 --> [change Host info] --> my-local-server:80
The way I found to do this was to create a proxy via Node.JS [as a go-between] as follows:
Create proxy.js
Copy the contents of the code from this gist and paste into proxy.js
Run the following command in the terminal to create proxy to web server:
PORT_LISTEN=8091 PORT_TARGET=80 HOST_TARGET="my-local-server" HOST_ORIGIN="my-local-server" node proxy.js
Run socat to proxy
socat -d -d tcp-listen:8081,reuseaddr,fork tcp:localhost:8091
So now we have the following:
Localhost:8081 --> Localhost:8091 --> my-local-server:80
This is what worked.
I have a wordpress official container with a dock port 80 mapped to 32795 external... when I go to administration area of wordpress I get this error:
Important: HTTP Loopback Connections are not enabled on this server. If you need to contact your web host, tell them that when PHP tries to connect back to the site at the URL http://localhost:32795/wp-admin/admin-ajax.php and it gets the error cURL error 7: Failed to connect to localhost port 32795: Connection refused. There may be a problem with the server configuration (eg local DNS problems, mod_security, etc) preventing connections from working properly.
I think the problem is that the site inside the container tries to communicate with the 32795 port instead of 80, but it can not because this door is only seen from the outside of the container...
I created a script inside the site with phpinfo, and I checked the loopback connections are on...
There is a solution for this? I have docker un windows with kitematic
thanks
I had a similar problem running WordPress with Nginx on Docker Desktop for Windows. I needed to add an entry to the container's hosts file that directed my local.example.com domain to hit my ingress-nginx controller so that WordPress' loopback requests would work. Although my setup might be slightly different this might help you.
Open /Windows/System32/drivers/etc/hosts and copy the IP address that's next to host.docker.internal. Add an entry to the container's hosts file on startup that ties the domain to the hosts IP by doing one of the following. IP is what you copied from your machine's hosts file by host.docker.internal
Docker argument:
--add-host="local.example.com:IP"
Docker compose:
extra_hosts:
- "local.example.com:IP"
Kubernetes:
hostAliases:
- ip: "IP"
hostnames:
- "local.example.com"
Problem is inside the container the opened port is 80 and docker is exposing 32795 for external connections
Wordpress configuration is pointing to port 32795, you might expose port 80 by doing docker run -p 80:80 and change wordpress configuration to use port 80
If you can't use port :80 a little bit more complicated solution is to use iptables port forwarding internally
Example
➜ ~ docker run -d --cap-add=NET_ADMIN --cap-add=NET_RAW -p 5000:80 nginx
835b039cc92bd9f32b960181bf370d39869c88f5a757423966b467fe01ac219e
➜ ~ docker exec -it 835b039cc92bd9 bash
root#835b039cc92b:/# apt update -qqq ; apt install iptables -yqqq
root#835b039cc92b:/# iptables -t nat -A OUTPUT -o lo -p tcp --dport 5000 -j REDIRECT --to-
port 80
root#835b039cc92b:/# apt install telnet -yqqq
root#835b039cc92b:/# telnet localhost 5000
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
root#835b039cc92b:/# exit
# from outside the container
➜ ~ telnet localhost 5000
Trying ::1...
Connected to localhost.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
I am running Artifactory Pro (5.3.1), and was trying to use the docker registry functionality.
I created a docker repository, and gave it a port 5001 in the "Registry Port" config.
However, there's nothing running on port 5001 ("telnet localhost 5001" refuses to connect), and the logs show this:
[http-nio-8081-exec-7] [ERROR] (o.a.s.s.SshAuthServiceImpl:210) - Failed to start SSH server
java.net.SocketException: Permission denied
at sun.nio.ch.Net.bind0(Native Method) ~[na:1.8.0_72-internal]
at sun.nio.ch.Net.bind(Net.java:433) ~[na:1.8.0_72-internal]
at sun.nio.ch.Net.bind(Net.java:425) ~[na:1.8.0_72-internal]
at sun.nio.ch.AsynchronousServerSocketChannelImpl.bind(AsynchronousServerSocketChannelImpl.java:162) ~[na:1.8.0_72-internal]
at org.apache.sshd.common.io.nio2.Nio2Acceptor.bind(Nio2Acceptor.java:66) ~[sshd-core-0.14.0.jar:0.14.0]
Any idea what could cause a "permission denied"? There's nothing running on that port (same error for any other port). It's on Ubuntu 14.04.
I had a misunderstanding how the docker registry worked with Artifactory.
The Artifactory service doesn't actually open the port assigned to the repo (5001 in this case), but the reverse proxy will listen on it and forward it (with the right X-forwarded-port) to the "normal" Artifactory service port (e.g. 8081).
After setting up the reverse proxy for it, it worked fine.
I'm trying to give a remote machine (that I can ssh to) access to the internet through my local machine.
Currently, I've set up a squid server locally, with the intent of using a reverse tunnel a la http://ubuntuforums.org/showthread.php?t=1765935
Unfortunately, I can't seem to get the local proxy to work, on account of ignorance of how proxy-ing works.
Currently:
squid3 proxy running locally port 3128. $nmap localhost confirms: 3128/tcp open squid-http
iptables set to allow access to port 3128 only from localhost: https://serverfault.com/questions/247176/iptables-only-allow-localhost-access
squid conf unaltered.
testing locally: $export http_proxy=localhost:3128
testing locally: $lynx google.com
failure.
Any thoughts?
Try;
Add
$export https_proxy=localhost:3128
$lynx google.com
Google redirect to https
I am using Ubuntu 12.04LTS 64 bit pc.JBOSS as my local pc server and i have a project which is using mysql as database and struts framework.I can easily access my project using
http://localhost:8080
but when I want to access my project using
https://localhost:8080
It shows an error.
The connection was interrupted
The connection to 127.0.0.1:8080 was interrupted while the page was loading.
I have also checked
$ sudo netstat -plntu | grep 8080
this command which output is
"tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 5444/java"
If i kill this process,my project also killed.
and i also mentioned u that my 80 port is free also.
Can you tell me what is the problem is occured for which I cannot access my project in my local pc using https.
Advance Thanks for helping.
SSL has to be on a different port. Here is the breakdown:
http:// watched on port, typically 80
https:// watched on a different port, typically 443
You need to RUN SSL on a different port.
Listen 8081
SSL VirtualHost
<VirtualHost *:8081>
# SSL Cert info here
....
</VirtualHost>
> service httpd restart