I have configured ProxyChains to use 127.0.0.1:1080 as the only socks server. All the DNS requests are proxied through the above server.
I am able to use Firefox with ProxyChains properly, but there is some issue with wget. Whenever I use proxychains wget it first tries to connect to my university's proxy server and then it tries to connect to my local proxy server.
The output of the command proxychains wget www.google.com is as follows:
ProxyChains-3.1 (http://proxychains.sf.net)
--2010-11-26 22:14:38-- http://www.google.com/
Resolving **********... |DNS-request| **********
|D-chain|-<>-127.0.0.1:1080-<><>-4.2.2.2:53-<><>-OK
|DNS-response|: ********** is not exist
failed: Unknown error.
wget: unable to resolve host address `**********'
********** above represents my university's proxy server host name.
in file /usr/lib/proxychains3/proxyresolv
change 4.2.2.2 to 8.8.8.8
or use env PROXYRESOLV_DNS
also you can make proxychains doesn't proxy DNS request,
in proxychains.conf comment the proxy_dns setting
My Problem was resolved after becoming root ("sudo sh") and executing the same command.
Running the command as proxychains sudo wget google.com worked.
You may want to try defining your proxy's address with a shell environment variable. There's a brief section in the wget manual on configuring for proxies.
Related
I've moved the backend (nodeJs+Loopback) of my application on a server CentOS. When I run it, it's listening on "localhost:3000". If I type "curl http://localhost:3000" while I'm on the server's terminal I get a response. When I try to call the application from remote, I use the real IP address instead of localhost, but it doesn't work.
The error is:
[proxy:error] (13)Permission denied:HTTP: attempt to connect to 127.0.0.1:3000(localhost) failed
Do I need to setup some configuration?
Thank you
Have you tried # setsebool -P httpd_can_network_connect 1 ??
Check out the bottom of this link:
https://wiki.apache.org/httpd/13PermissionDenied
This question shows research effort; it is useful and clear
I have checked the cURL not working properly
When I run the command curl -I https://www.example.com/sitemap.xml
curl: (7) Failed to connect
Failed to connect on all port
this error only on one domain, all other domain working fine, curl: (7) Failed to connect to port 80, and 443
Thanks...
First Check your /etc/hosts file entries, may be the URL which You're requesting, is pointing to your localhost.
If the URL is not listed in your /etc/hosts file, then try to execute following command to understand the flow of Curl Execution for the particular URL:
curl --ipv4 -v "https://example.com/";
After many search, I found that Hosts settings not correct
Then I check nano /etc/hosts
The Domain point to wrong IP in hosts file
I change the wrong IP and its working Fine
This is new error Related to curl: (7) Failed to connect
curl: (7) Failed to connect
The above error message means that your web-server (at least the one specified with curl) is not running at all — no web-server is running on the specified port and the specified (or implied) port. (So, XML doesn't have anything to do with that.)
you can download the key with browser
then open terminal in downloads
then type sudo apt-key add <key_name>.asc
Mine is Red Hat Enterprise(RHEL) Virtual Machine and I was getting something like the following.
Error "curl: (7) Failed to connect to localhost port 80: Connection refused"
I stopped the firewall by running the following commands and it started working.
sudo systemctl stop firewalld
sudo systemctl disable firewalld
If the curl is to the outside world, like:
curl www.google.com
I have to restart my cntlm service:
systemctl restart cntlm
If it's within my network:
curl inside.server.local
Then a docker network is overlapping something with my CNTLM proxy, and I just remove all docker networks to fix it - you can also just remove the last network you just created, but I'm lazy.
docker network rm $(docker network ls -q)
And then I can work again.
wget is trying to connect at 127.0.0.1 but it doesn't work. Is it possible to set the IP address wget should connect to without changing my /etc/hosts
Changing the /etc/hosts creates all sorts of other problems.
I'm running Debian 8 and I get:
ERROR: The certificate of ‘example.com’ is not trusted.
I suppose a way to accept unsigned certificates would also do.
Thanks very much!
Try --no-check-certificate option with wget.
I'm on CentOS 7. I'm running this command:
wget http://wordpress.org/latest.tar.gz
This is the returned output:
--2016-09-08 15:53:04-- http://wordpress.org/latest.tar.gz
Resolving wordpress.org (wordpress.org)... 66.155.40.250, 66.155.40.249
Connecting to wordpress.org (wordpress.org)|66.155.40.250|:80... failed: Network is unreachable.
Connecting to wordpress.org (wordpress.org)|66.155.40.249|:80... failed: Network is unreachable.
I'm not sure why that might be. I have access to my local network from my machine; I can install yum packages without issue.
EDIT
Result of ip route get 66.155.40.249
RTNETLINK answers: Network is unreachable
My /etc/sysconfig/network-scripts/ifcfg-eno16777736 after I edited it:
TYPE=Ethernet
BOOTPROTO="static"
IPADDR=192.168.2.100
NETMASK=255.255.255.0
NM_CONTROLLED=no
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eno16777736
UUID=*random*
DEVICE=eno16777736
ONBOOT=yes
With the exception of my UUID... Specifically I added: bootproto, ipadder, netmask, and nm_controlled.
This situation happens when no entry in the routing table has been found.
If you're using a laptop (with wifi and ethernet) this may happen if you dhclient -r from one interface, which can remove the default route.
Easy resolution:
make a new dhcp request (optionally release the current lease)
add the default route by hand: ip route add default via <<GW ip>>. If you have several interfaces, you may need to specify the output interface using ip route add default via <<GW ip>> dev <<devname>> instead.
I'd like to use forticlientsslvpn on Cent OS 7 through a proxy but it doesn't work with a message "Can not connect to proxy" or "Can not resolve proxy address". I guess it needs some dependent libraries but I don't know them.
I downloaded the latest Forticlient SSLVPN 4.4.2329-1 64bit from here. (I installed it on debian then copied the forlder(/opt/forticlientsslvon) to the clean Cent OS 7.)
Both forticlientsslvpn CLI and GUI failed on the same error. This is the result of the cli command.
[root#cent7 /]# cd ~/forticlient-sslvpn/64bit/
[root#cent7 /]# ./forticlientsslvpn_cli --proxy 10.0.0.73:3128 --server 203.0.113.1:10443 --vpnuser myuser
Password for VPN:
STATUS::Setting up the tunnel
STATUS::Connecting...
NOTICE::Can not connect to proxy.
STATUS::Set up tunnel failed
SSLVPN down unexpectedly with error:2
Press Ctrl-C to quit
Clean up...
# Another proxy variable
[root#cent7 /]# ./forticlientsslvpn_cli --proxy http://10.0.0.73:3128 --server 172.17.97.85:10443 --vpnuser myuser
Password for VPN:
08/19/2016 18:19:26 [23461] can not resolve name http://10.0.0.73
Init SSLVPN error:Can not resolve proxy address
# Check the proxy connection
[root#cent7 /]# telnet 10.0.0.73 3128
Trying 10.0.0.73...
Connected to 10.0.0.73.
Escape character is '^]'. # OK
# Check DNS
[root#cent7 /]# nslookup 10.0.0.73
Server: 10.0.0.70
Address: 10.0.0.70#53
Non-authoritative answer:
73.0.0.10.in-addr.arpa name = dns.example.com.
Of cource my forticlient on windows in the same network works with the proxy to the server. And FireFox/wget on this Cent OS 7 server works with the proxy. Does anyone know anything about "Can not connect to proxy" error?
My IP was wrong and needed ip route add
Although the error message was "Can not connect to proxy", my destination forti IP was wrong. It was connected after I fixed it.
One more thing, I noticed a confusing point. I have two proxies like a socks proxy and a web proxy at this time. I knew ssl-vpn uses only web connections but I guessed forticlient might use ssh command during the connection. But it didn't. Forticlient_sslvpn needs only a web proxy so we just need to fill the proxy form of forticlient with a web proxy's url.
And one more thing. After I connected to ssl-vpn, it doesn't work perfectly because I can ping to internal server but not to DMZ(Of course my windows forticlient works well for both). I added ip route to DMZ and it started to work.
ip route add 192.168.3.0 via 10.0.0.5
I guessed this GW 10.0.0.5 is not the same everytime and every machine so I made the dynamic command.
ip route add 192.168.3.0/24 via $(ip route | grep 10.0.0 | awk '{print $3}' | head -1)
I hope this helps someone.