Connection refused: The proxy could not connect ot

Question

Connection refused: The proxy could not connect ot

abhinavsingh opened this issue 5 years ago · comments

While debugging issue abhinavsingh/proxy.py#43 I ran into the following error page:

which hinted towards a certain bug during communicating between vpnkit and proxy.py container. For some reason, client connections to proxy.py are closed soon after proxy.py has received the client request, resulting in a tight retry request loop. See my abhinavsingh/proxy.py#43 (comment) for more debugging details.

Any ideas where things might be going wrong here?

David Scott · Answer 1 · Sat Feb 23 2019 01:15:37 GMT+0800 (China Standard Time)

I'm not sure but I recommend running the following to capture a packet trace from the VM:

docker run -it -v /tmp:/out --net=host djs55/tcpdump -n -i eth0 -s 0 -w /out/output.pcap

then trigger the problem, then take a look at the /tmp/output.pcap file with "wireshark". Or attach to this ticket and I'll take a look.

Abhinav Singh · Answer 2 · Tue Sep 17 2019 08:44:51 GMT+0800 (China Standard Time)

@djs55 apologies, it took some time. Got back to it now that proxy.py users are asking for a stable docker container. I can verify via tcpdump that for container goes into an infinite loop. All these CONNECT requests are coming from user-agent: ocaml-cohttp/1.1.0. Please see screenshots below for request and corresponding response packet:

Request

Response

There was no way for me to attach pcap file. But you can try it locally too:

docker run -it -p 8899:8899 --rm abhinavsingh/proxy.py:latest

Simply curl requests doesn't trigger this behavior. Change your browser / system proxy settings to use localhost:8899 and within seconds you should see the request flood. Alternately, you can also try sending tons of requests via ab or other similar tools.

Amit Mor · Answer 3 · Mon Jan 18 2021 21:54:28 GMT+0800 (China Standard Time)

I managed to workaround this. I think somehow the --hostname=0.0.0.0 params defined in the Dockerfile CMD is not respected. I've removed the CMD entirely and now I'm running (on MacOS 10.15.7 Catalina) with the following cmd (I have a custom plugin so I had to rewrite the rest of the Dockerfile - hopefully a PR would follow):

docker run --rm -ti -p 8899:8899 proxy.py --plugins proxy.plugin.SSORestApiPlugin --hostname 0.0.0.0

Abhinav Singh · Answer 4 · Wed Dec 01 2021 12:49:43 GMT+0800 (China Standard Time)

I managed to workaround this.

Wow lovely. I simply missed your reply. Are you able to successfully run it it on MacOS now? I'll take a look myself later this week. Hopefully we can resolve this.