Comments (12)
default mode proxy will try access domain directly, if failed then access it through parent , you can prevent it by two ways,1:add
that domain in blocked file . 2:add argument --always in client arguments.
from goproxy.
this is very bad idea for default mode,, 👎
in http(s) proxy all domain must be resolve on server side proxy server!
the clinet must be only rely traffic to server, and not solve any domain name with DNS
The execute of the client with the argument −−always
has the same problem :(
from goproxy.
--always means client forward all raw request to parent with no resolve in client , you may have some mistake
from goproxy.
this is my server on remote computer in another country:
proxy http -t tls -p ":10801" -C p.crt -K p.key --forever --daemon -z "S"
this is my client in my personal computer:
proxy http --always -t tcp -p ":5656" -T tls -P "SERVER_IP:10801" -C p.crt -K p.key -Z "S"
i run this command on my oersonal computer:
curl -x "127.0.0.1:5656" "http://abc.efg/"
and this is my sniff date on personal computer:
https://screenshots.firefox.com/zUOV7DKQVI4M0SQ1/null
client side proxy (with --always argument) send dns packet for solving domain name
where is my mistake? :(
thank you
from goproxy.
the client and server log is?
from goproxy.
it is firefox useing proxy problem,see:https://www.reddit.com/r/linuxquestions/comments/7slstp/proxy_dns_when_using_socks5_not_adhered_to_when/ , if you can find which program send A query ,it wiil be firefox not proxy. you can fix that by above link page.
Only Socks v5 (not v4) supports DNS proxy on Firefox and you must also tick the checkbox "Proxy DNS when using SOCKS v5" at the bottom of the network settings screen.
from goproxy.
:|||
I use curl for test, not firefox
I have not any problem with another http(s) proxy
from goproxy.
show the server log output,when exec curl.
from goproxy.
my client:
proxy http --always -t tcp -p ":5656" -T tls -P "SERVER_IP:10801" -C proxy.crt -K proxy.key -Z "S"
curl command when open abc.efg
and google.com
:
$curl -x "127.0.0.1:5656" "http://abc.efg/"
curl: (52) Empty reply from server
$curl -x "127.0.0.1:5656" "https://google.com"
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="https://www.google.com/">here</A>.
</BODY></HTML>
My clinet Logs:
######## ######## ####### ## ## ## ##
## ## ## ## ## ## ## ## ## ##
## ## ## ## ## ## ## ## ####
######## ######## ## ## ### ##
## ## ## ## ## ## ## ##
## ## ## ## ## ## ## ##
## ## ## ####### ## ## ##
v4.7 by snail , blog : http://www.host900.com/
2018/05/23 16:35:25 use tls parent SERVER_IP:10801
2018/05/23 16:35:25 tcp http(s) proxy on [::]:5656
2018/05/23 16:35:27 GET:http://abc.efg/
2018/05/23 16:35:27 use proxy : true, abc.efg:80
2018/05/23 16:35:29 conn 127.0.0.1:49334 - SERVER_IP:10801 connected [abc.efg:80]
2018/05/23 16:35:39 conn 127.0.0.1:49334 - SERVER_IP:10801 released [abc.efg:80]
2018/05/23 16:40:46 CONNECT:google.com:443
2018/05/23 16:40:46 use proxy : true, google.com:443
2018/05/23 16:40:46 conn 127.0.0.1:49468 - SERVER_IP:10801 connected [google.com:443]
2018/05/23 16:40:47 conn 127.0.0.1:49468 - SERVER_IP:10801 released [google.com:443]
SERVER Logs when open abc.efg:
./proxy http -t tls -p ":10801" -C proxy.crt -K proxy.key --forever -z "S"2018/05/23 12:05:18 worker ./proxy [PID] 10556 running...
######## ######## ####### ## ## ## ##
## ## ## ## ## ## ## ## ## ##
## ## ## ## ## ## ## ## ####
######## ######## ## ## ### ##
## ## ## ## ## ## ## ##
## ## ## ## ## ## ## ##
## ## ## ####### ## ## ##
v4.7 by snail , blog : http://www.host900.com/
2018/05/23 12:05:18 tls http(s) proxy on [::]:10801
2018/05/23 12:05:27 GET:http://abc.efg/
2018/05/23 12:05:28 use proxy : false, abc.efg:80
2018/05/23 12:05:28 connect to , err:dial tcp: lookup abc.efg on 213.133.98.98:53: no such host,retrying...
2018/05/23 12:05:30 connect to , err:dial tcp: lookup abc.efg on 213.133.98.98:53: no such host,retrying...
2018/05/23 12:05:32 connect to , err:dial tcp: lookup abc.efg on 213.133.98.98:53: no such host,retrying...
2018/05/23 12:05:34 connect to , err:dial tcp: lookup abc.efg on 213.133.98.98:53: no such host,retrying...
2018/05/23 12:05:36 connect to , err:dial tcp: lookup abc.efg on 213.133.98.98:53: no such host,retrying...
2018/05/23 12:05:38 connect to , err:dial tcp: lookup abc.efg on 213.133.98.98:53: no such host
2018/05/23 12:05:38 connect to abc.efg:80 fail, ERR:dial tcp: lookup abc.efg on 213.133.98.98:53: no such host
SERVER Logs when open google.com:
./proxy http -t tls -p ":10801" -C proxy.crt -K proxy.key --forever -z "S"2018/05/23 12:10:32 worker ./proxy [PID] 10586 running...
2018/05/23 12:10:32 tls http(s) proxy on [::]:10801
######## ######## ####### ## ## ## ##
## ## ## ## ## ## ## ## ## ##
## ## ## ## ## ## ## ## ####
######## ######## ## ## ### ##
## ## ## ## ## ## ## ##
## ## ## ## ## ## ## ##
## ## ## ####### ## ## ##
v4.7 by snail , blog : http://www.host900.com/
2018/05/23 12:10:45 CONNECT:google.com:443
2018/05/23 12:10:45 use proxy : false, google.com:443
2018/05/23 12:10:45 conn 31.56.172.109:32994 - 216.58.208.46:443 connected [google.com:443]
2018/05/23 12:10:46 conn 31.56.172.109:32994 - 216.58.208.46:443 released [google.com:443]
and i sniff two DNS request on my client side for resolving doman name
thank you
from goproxy.
no matter what ever,the server log means that the abc.efg requested by server and dns also
in server ,but dns lookup fail.
from goproxy.
i found line of this bug:
Line 232 in bfcc27e
this line execute before check --always
argument!!!!!!!!
inside this function, we see net.LookupIP(domainOrIP)
and this method use DNS for resolving domain name
LookupIP looks up host using the local resolver. It returns a slice of that host's IPv4 and IPv6 addresses.
then:
if we use http
mode, proxy in client side send DNS request!!! and this is e bug!
solation:
check *s.cfg.Always
before use IsIternalIP
thank you
from goproxy.
This problem solved at commit 5c9fc85 on dev
branch
from goproxy.
Related Issues (20)
- 能为HTTP代理加上用户名密码吗? HOT 1
- 日志经常出现 tls握手失败
- Unexpected http response: '' when used as http proxy of git
- 两层TCP代理,想要拦截本地服务通过TCP访问的流量并代理转发,能够实现吗? HOT 1
- When I install it I get an error:./install.sh: line 25: 6067 Segmentation fault (core dumped) proxy keygen -C proxy > /dev/null 2>&1 HOT 2
- Access Admin Panel HOT 2
- 进程异常退出
- 商业版goproxy 能不能解决"Too Many Requests" 这个问题
- 无法解析IPV6地址,访问异常 HOT 2
- Feature request: add support TCP Brutal
- How to stop the daemon/forever HOT 3
- can this act as a forward proxy like squid ?
- 1
- Free version with -a and -f , who want's to participlate?
- 一条命令同时打开http和socks代理服务
- Limit the number of goroutines
- goproxy安装好后后台地址多少
- bad certificate HOT 2
- 能实现访问A域名走A代理,访问其它域名走B代理吗? HOT 1
- FR: How to pring to logs without colorized ANSI escape sequences HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from goproxy.