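Can connect to Docker service on localhost. Cannot connect to Docker service on LAN IP address

Time: 2019-10-30 13:59:22

Tags: docker networking

I have a Docker service running on an Ubuntu 19.04 server that sits on my LAN.

The service in question exposes a SOCKS5 proxy on port 1080.

When I run the following commands from the server, they work: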

~$ curl --proxy socks5://127.0.0.1:1080 ipinfo.io
{
  "ip": "xx.xxx.xxx.xxx",
  "city": "Phoenix",
  "region": "Arizona",
  "country": "US",
  ...
}
~$ docker container inspect my-docker-service | grep IPAddress
            "SecondaryIPAddresses": null,
            "IPAddress": "",
                    "IPAddress": "172.19.0.8",

~$ curl --proxy socks5://172.19.0.8:1080 ipinfo.io
{
  "ip": "xx.xxx.xxx.xxx",
  "city": "Phoenix",
  "region": "Arizona",
  "country": "US",
  ...
}

But when I run this from the server, it doesn't:

~$ ip a
...
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    ...
    inet 192.168.1.95/24
    ...

~$ curl --proxy socks5://192.168.1.95:1080 ipinfo.io
curl: (7) Failed to connect to 192.168.1.95 port 1080: Connection timed out

My docker-compose.yml is as follows:

  my-docker-service:
    privileged: true
    image: ohpe/socks-my-vpn
    container_name: my-docker-service
    devices:
      - /dev/net/tun
    cap_add:
      - net_admin
    tty: true
    sysctls:
      net.ipv6.conf.all.disable_ipv6: 0
    environment:
      - PROXY_PORT=1080
    volumes:
      - /path/to/configs/my-docker-service:/vpn:ro
    ports:
      - 1080:1080
    dns:
      - 1.1.1.1
    restart: unless-stopped

I have disabled ufw, and running nmap from another LAN device gives me:

λ nmap -p 1080 192.168.1.95
Starting Nmap 7.80 ( https://nmap.org ) at xxx
Nmap scan report for 192.168.1.95
Host is up (0.0020s latency).

PORT     STATE    SERVICE
1080/tcp filtered socks
MAC Address: xx:xx:xx:xx:xx:xx (xxx)

Nmap done: 1 IP address (1 host up) scanned in 5.53 seconds

How can I make this proxy service available to other devices on my LAN?

0 answers:

No answers