caddyserver/forwardproxy

Could not connect

marcus65001 opened this issue · 1 comments

1. Is bug reproducible with latest forwardproxy build?

Yes

2. What are you trying to do?

Trying to connect to the proxy

3. What is your entire Caddyfile?

a.example.com, b.example.com {
    forwardproxy {
        basicauth user1 123456
        ports 80 443 11001
        response_timeout 30
        dial_timeout     30
    }
    root /root/www
}

4. How is your client configured?

5. How did you run Caddy? (give the full command and describe the execution environment). If multiple servers are used (for example with upstream), describe those as well.

Under CentOS 7
caddy -conf Caddyfile

6. Please paste any relevant HTTP request(s) here.

7. What did you expect to see?

The proxy working on all three ports.

8. What did you see instead (give full error messages and/or log)?

When I tried on port 80, it gave me "404 Site google.com is not served on this interface" on Firefox and "ERR_TUNNEL_CONNECTION_FAILED" on Chrome.
On port 443, it gave me "Connection Reset" on Firefox and "ERR_EMPTY_RESPONSE" on Chrome.
On port 11001, it gave me "Connection Reset" on Firefox and "ERR_PROXY_CONNECTION_FAILED" on Chrome.

9. How can someone who is starting from scratch reproduce the bug as minimally as possible?

cat -n proxy.conf
1 :8118 {
2 gzip
3 root /srv/http
4 log stdout
5
6 forwardproxy {
7 hide_ip
8 hide_via
9 }
10 }
11

cat -n caddy.conf
1 :80 {
2 gzip
3 # root /usr/share/caddy
4 root /srv/http
5 log stdout
6 }
7
8 import caddy.conf.d/
.conf

If I put the ports on the inside, Caddy will not start.
I have not confirmed whether the gzip actually works or not.

Logs look like this:

2020/02/06 12:27:19 192.168.40.190 - - [06/Feb/2020:12:27:19 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:20 192.168.40.190 - - [06/Feb/2020:12:27:20 -0500] "CONNECT / HTTP/1.1" 200 0
2020/02/06 12:27:20 192.168.40.190 - - [06/Feb/2020:12:27:20 -0500] "CONNECT / HTTP/1.1" 200 0
2020/02/06 12:27:20 [ERROR 502 ] Lookup of syndication.twitter.com failed: lookup syndication.twitter.com: no such host
2020/02/06 12:27:20 192.168.40.190 - - [06/Feb/2020:12:27:20 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:20 [ERROR 502 ] Lookup of imasdk.googleapis.com failed: lookup imasdk.googleapis.com: no such host
2020/02/06 12:27:20 192.168.40.190 - - [06/Feb/2020:12:27:20 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:21 [ERROR 502 ] Lookup of static.scroll.com failed: lookup static.scroll.com: no such host
2020/02/06 12:27:21 192.168.40.190 - - [06/Feb/2020:12:27:21 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:21 [ERROR 502 ] Lookup of cdn.tinypass.com failed: lookup cdn.tinypass.com: no such host
2020/02/06 12:27:21 192.168.40.190 - - [06/Feb/2020:12:27:21 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:21 [ERROR 403 ] No allowed IP addresses for www.npttech.com
2020/02/06 12:27:21 192.168.40.190 - - [06/Feb/2020:12:27:21 -0500] "CONNECT / HTTP/1.1" 403 14
2020/02/06 12:27:21 [ERROR 502 ] Lookup of c.amazon-adsystem.com failed: lookup c.amazon-adsystem.com: no such host
2020/02/06 12:27:21 192.168.40.190 - - [06/Feb/2020:12:27:21 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:22 [ERROR 502 ] Lookup of z-na.amazon-adsystem.com failed: lookup z-na.amazon-adsystem.com: no such host
2020/02/06 12:27:22 192.168.40.190 - - [06/Feb/2020:12:27:22 -0500] "CONNECT / HTTP/1.1" 502 16

caddy -plugins | grep forward
http.forwardproxy

caddy -version
v1.0.4

The 502s are DNS failures; adblocking.

HTH
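
A triage sketch for the kind of log excerpt quoted in the thread above, added here as an example and not part of the issue or of the forwardproxy project: it counts CONNECT statuses and groups the `[ERROR ...]` lines by reason, so failed lookups can be told apart from other refusals at a glance. The function name `triage` and the reason labels are assumptions of this example; the sample lines are taken from the quoted log.

```python
import re
from collections import Counter, defaultdict

# Sample input assembled from the log lines quoted in the thread.
SAMPLE_LOG = """\
2020/02/06 12:27:19 192.168.40.190 - - [06/Feb/2020:12:27:19 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:20 192.168.40.190 - - [06/Feb/2020:12:27:20 -0500] "CONNECT / HTTP/1.1" 200 0
2020/02/06 12:27:20 [ERROR 502 ] Lookup of syndication.twitter.com failed: lookup syndication.twitter.com: no such host
2020/02/06 12:27:20 192.168.40.190 - - [06/Feb/2020:12:27:20 -0500] "CONNECT / HTTP/1.1" 502 16
2020/02/06 12:27:21 [ERROR 403 ] No allowed IP addresses for www.npttech.com
2020/02/06 12:27:21 192.168.40.190 - - [06/Feb/2020:12:27:21 -0500] "CONNECT / HTTP/1.1" 403 14
2020/02/06 12:27:21 [ERROR 502 ] Lookup of c.amazon-adsystem.com failed: lookup c.amazon-adsystem.com: no such host
2020/02/06 12:27:21 192.168.40.190 - - [06/Feb/2020:12:27:21 -0500] "CONNECT / HTTP/1.1" 502 16
"""

# Error lines: date, time, "[ERROR <status> ]", message.
ERROR_RE = re.compile(r'^\S+ \S+ \[ERROR (?P<status>\d{3}) ?\] (?P<msg>.*)$')
# Access lines: date, time, client, "- -", [timestamp], "request", status, size.
ACCESS_RE = re.compile(
    r'^\S+ \S+ (?P<client>\S+) - - \[[^\]]+\] "(?P<method>\S+) [^"]*" (?P<status>\d{3}) \d+$')
# Reason labels are this example's own names, keyed on the message text.
REASONS = (
    ("dns_lookup_failed", re.compile(r'^Lookup of (?P<host>\S+) failed: ')),
    ("no_allowed_ip", re.compile(r'^No allowed IP addresses for (?P<host>\S+)$')),
)

def triage(log_text):
    """Return (CONNECT status counts, {reason: sorted target hosts})."""
    statuses, hosts = Counter(), defaultdict(set)
    for line in map(str.strip, log_text.splitlines()):
        err = ERROR_RE.match(line)
        if err:
            # Access lines log only "CONNECT /"; the target is only in the error text.
            for reason, rx in REASONS:
                hit = rx.match(err.group("msg"))
                if hit:
                    hosts[reason].add(hit.group("host"))
                    break
            else:
                hosts["other"].add(err.group("msg"))
            continue
        acc = ACCESS_RE.match(line)
        if acc and acc.group("method") == "CONNECT":
            statuses[acc.group("status")] += 1
    return dict(statuses), {k: sorted(v) for k, v in hosts.items()}

if __name__ == "__main__":
    counts, by_reason = triage(SAMPLE_LOG)
    print(counts, by_reason)
```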