I am trying to use local port forwarding to access remote host over a firewall and am able to do so using the command below.
ssh -L 23456:remotehost:10000 localhost
>telnet localhost 23456
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
>telnet 170.19.120.207 23456
Trying 170.19.120.207...
telnet: connect to address 170.19.120.207: Connection refused
telnet: Unable to connect to remote host: Connection refused
Looks like portforwarding is happening on loopback and anything with the hostname is getting rejected. Can someone help me to get around this, as I am sure there is/should be a way
Seems it is working correctly 'telnet localhost 23456' works!
telnet 170.19.120.207 23456 shouldn't work, unless 170.19.120.207 points to your host. If you want that you need to enable gateway functionality:
ssh -g -L 23456:remotehost:10000 localhost
Related
I have a wordpress official container with a dock port 80 mapped to 32795 external... when I go to administration area of wordpress I get this error:
Important: HTTP Loopback Connections are not enabled on this server. If you need to contact your web host, tell them that when PHP tries to connect back to the site at the URL http://localhost:32795/wp-admin/admin-ajax.php and it gets the error cURL error 7: Failed to connect to localhost port 32795: Connection refused. There may be a problem with the server configuration (eg local DNS problems, mod_security, etc) preventing connections from working properly.
I think the problem is that the site inside the container tries to communicate with the 32795 port instead of 80, but it can not because this door is only seen from the outside of the container...
I created a script inside the site with phpinfo, and I checked the loopback connections are on...
There is a solution for this? I have docker un windows with kitematic
thanks
I had a similar problem running WordPress with Nginx on Docker Desktop for Windows. I needed to add an entry to the container's hosts file that directed my local.example.com domain to hit my ingress-nginx controller so that WordPress' loopback requests would work. Although my setup might be slightly different this might help you.
Open /Windows/System32/drivers/etc/hosts and copy the IP address that's next to host.docker.internal. Add an entry to the container's hosts file on startup that ties the domain to the hosts IP by doing one of the following. IP is what you copied from your machine's hosts file by host.docker.internal
Docker argument:
--add-host="local.example.com:IP"
Docker compose:
extra_hosts:
- "local.example.com:IP"
Kubernetes:
hostAliases:
- ip: "IP"
hostnames:
- "local.example.com"
Problem is inside the container the opened port is 80 and docker is exposing 32795 for external connections
Wordpress configuration is pointing to port 32795, you might expose port 80 by doing docker run -p 80:80 and change wordpress configuration to use port 80
If you can't use port :80 a little bit more complicated solution is to use iptables port forwarding internally
Example
➜ ~ docker run -d --cap-add=NET_ADMIN --cap-add=NET_RAW -p 5000:80 nginx
835b039cc92bd9f32b960181bf370d39869c88f5a757423966b467fe01ac219e
➜ ~ docker exec -it 835b039cc92bd9 bash
root#835b039cc92b:/# apt update -qqq ; apt install iptables -yqqq
root#835b039cc92b:/# iptables -t nat -A OUTPUT -o lo -p tcp --dport 5000 -j REDIRECT --to-
port 80
root#835b039cc92b:/# apt install telnet -yqqq
root#835b039cc92b:/# telnet localhost 5000
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
root#835b039cc92b:/# exit
# from outside the container
➜ ~ telnet localhost 5000
Trying ::1...
Connected to localhost.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
I have neo4j community server edition 3.4.5 and which will be giving me "WebSocket connection to 'ws://localhost:7687/' failed".
I found some solution to work in firefox, chrome, IE but those are temporary solutions which work. but I don't think that just by passing proxy would be a permanent solution.
It is not working if connected to VPN(office network), otherwise working. What could be a reason for this error within an office network? How to resolve this issue.
Any idea or suggestions, Please
There can be several reasons for this issue and I probably need to know more about your setup before I can pin point the problem.
1 check:
Disconnect from the VPN, and open a command prompt (Windows+R then write cmd and press enter)
Use either telnet or putty ( https://www.putty.org/ ) and connect to 127.0.0.1 port 7687:
telnet 127.0.0.1 7687
See if you a response like this:
GET / HTTP/1.0
2 check:
Go to you proxy settings and see if you have a proxy enabled:
Firefox: Preferences/Options > Advanced > Network > Settings
IE: Tools > Options > Connections > Lan Settings
Suggest to turn off your proxy and do the check in check 1 again.
3 check:
Connect to your VPN and do the check 1 part once again
Check for error messages (that you probably would get) and then write in the command prompt:
route print
It should show a line like this:
127.0.0.0 255.0.0.0 On-link 127.0.0.1 xxx
127.0.0.1 255.255.255.255 On-link 127.0.0.1 xxx
127.255.255.255 255.255.255.255 On-link 127.0.0.1 xxx
This ensure that you still have your loop back up and running (probably is ok).
4 check:
Turn off your local firewall with VPN connected (if allowed) and try the check 1 again.
Some firewall rules change connections to "localhost" while connected to a VPN, since the new connection is "corporate" or "public".
If that worked, you need to create a rule in your firewall to allow connection to port 7687 for all addresses, this will fix your problem.
5 check:
Check your neo4j community server to listen to "127.0.0.1" and not "0.0.0.0"
Check your ports open by using netstat
netstat -a -o
It should state something like this
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:7687 machinename:0 LISTENING xxxx
or
TCP 127.0.0.1:7687 machinename:0 LISTENING xxxx
If the server is like the first line, it might be handled by a corporate firewall, but by using the 127.0.0.1 as address it should always be local.
Hopefully that will get you on the way :)
i had same problem, so Let me tell you what i came out with...
the company has a proxy server for all connections, so i change my request from IP to DNS by typing nslookup IP on command prompt terminal.
from: ws://180......:80/socket/test to: ws://mxjuppro22......:80/socket/test
then error gone and now is working like a charm!!!
hope it helps
I am using the latest version of boot2docker version 1.3.2, 495c19a on a windows 7 (SP1) 64 bit machine.
My docker container is running a celery process which attempts to connect to a rabbitMQ service running on the same machine that boot2docker is running on.
The Celery process running within the docker container cannot connect to RabbitMQ and reports the following :
[2014-12-02 10:28:41,141: ERROR/MainProcess] consumer: Cannot connect
to amqp:// guest:**#127.0.0.1:5672//: [Errno 111] Connection refused.
Trying again in 2.00 seconds...
I have reason to believe this is a network related issue, associated with routing from the container, to the VirtualBox host, and from the host to the RabbitMQ service running on the local machine; I do not know how to configure this and I was wondering if anyone can advise me how to proceed?
I tried setting up port 5672 in port forwarding but it didn't work (but I believe this is for incoming traffic to the VM, like boot2docker ssh).
I am running the container as docker run -i -t tagname
I am not specifying a host with -h when I run the container.
I'm sorry if this question appears rather clueless or if the answer appears obvious ... I appreciate any help!
Some additional information :
The routing table of the host VM is what boot2docker configured during installation as follows :
docker0 IP Address is 172.17.42.1
eth0 IP Address is 10.0.2.15
eth1 IP Address is 192.168.59.103
eth0 is attached to NAT (Adapter 1) in the VirtualBox VM network configuration.
Adapter 1 has port forwarding setup for ssh; default setting of host IP 127.0.0.1, host port 2022, guest port 22.
eth1 is attached to Host-only adapter (Adapter 2).
Both adapters are set to promiscuous mode (allow all).
The IP Address of the docker container is 172.17.0.33.
[2014-12-02 10:28:41,141: ERROR/MainProcess] consumer: Cannot connect to amqp:// guest:**#127.0.0.1:5672//: [Errno 111] Connection refused. Trying again in 2.00 seconds...
127.0.0.1 is a special IP address that means "me", and inside the container it means "me the container", so this is why it is not connecting to the outer host. So the first thing to do is change the IP address where you are trying to connect to Rabbit to that of the outer host where it is running.
Then you probably have to do something about routing, but let's take one step at a time.
as your RabbitMQ server is running on your Windows host, you need to tell your container that it should talk to that IP - which would probably be 192.168.59.3
most importantly, your container's 127.0.0.1 is only a loopback device to that container's services - not even the boot2docker vm's ports.
You could set up an ambassador container that has --expose=80 and uses something like socat to forward all traffic from that container to your host (see svendowideit/ambassador). Then you'd --link that ambassador container to your current image
but personally, I'd avoid that initially, and just configure your containerised app to talk to the real host's IP
You have to specifc explicitely ports for port redirection separately for boot2docker and docker.
Please try this:
c:\>boot2docker init
c:\>boot2docker up
c:\>boot2docker ssh -L 0.0.0.0:5672:localhost:5672
docker#boot2docker:~$ docker run -it -p 5672:5672 tagname
I'm trying to do load test postgresql db using tsung.
I used pgsql.xml provided in examples folder in tsung-1.5.0.
Here's my pgsql.xml: https://github.com/processone/tsung/blob/master/examples/pgsql.xml.in
I run tsung using tsung -f test.xml -p pgsql start.
I got the following error:
ssh: connect to host localhost port 22: Connection refused
Could anyone point me out what the problem is and how to solve it?
You are using server monitoring and your SSH is not setup..
<monitoring>
<monitor host="localhost"/>
</monitoring>
Do you really want to monitor server? If not then you can comment the code and it should work fine.. If yes then you will have to set up a password less SSH to your server...
I have Nginx running on 8080, while Varnish runs on port 80. I can do
wget localhost:8080
in shell and get a response, but if I run
wget localhost
I get connection refused. For reference, I'm trying to access it externally but get the same problem. Hopefully I can solve access from localhost first!
Thanks in advance!
netstat -tulnp shows you every port and service running
iptables -L shows you if port open or blocked
cheers