Can't connect to dockerized tor proxy

对着背影说爱祢 提交于 2020-12-05 11:22:04

问题


On Lubuntu I was able to use tor just by installing it and then connecting to its socks proxy, but on docker with alpine it doesn't seem to be that easy. Since I left my /etc/tor/torrc the way it came, it only consisted of lines that were commented out. So for alpine I just used the torrc.sample file which also only had lines that were commented out.

Here is my Dockerfile:

FROM alpine:latest
RUN apk update && apk upgrade && apk add tor curl && rm /var/cache/apk/* && cp /etc/tor/torrc.sample /etc/tor/torrc 
EXPOSE 9050
USER tor
CMD /usr/bin/tor -f /etc/tor/torrc

Then I just ran:

$ sudo docker build -t tor .
$ sudo docker run --name tor -p 9050:9050 tor
$ curl -x socks5://localhost:9050 -k https://23.128.64.134/ip
curl: (7) Unable to receive initial SOCKS5 response.
$ curl -x socks4://localhost:9050 -k https://23.128.64.134/ip
curl: (7) Failed to receive SOCKS4 connect request ack.

But as you can see I'm not able to connect. Neither via socks4 nor via socks5.

I can't seem to figure out why this isn't working. I've already tried using different ports and host names (127.0.0.1 instead of localhost), but nothing is working.

What am I doing wrong?

Edit:

Interestingly though, this appears to work:

$ sudo docker exec -ti tor curl -x socks5://localhost:9050 -k https://23.128.64.134/ip
185.220.101.69

(185.220.101.69 is indeed a Tor exit node IP address)

So what could be wrong here? Why can't I access it from the outside? Even nmap is reporting that it can see the port (when run outside of the container):

9050/tcp open  tor-socks

Edit2: I added the -v-flag to curl and enabled more verbose logging in tor via echo "Log info stdout" > /etc/tor/torrc.

The tor log doesn't change at all when I run the curl command from outside the container. The curl output also doesn't show anything helpful:

$ curl -v -x socks5://localhost:9050 -k https://23.128.64.134/ip
*   Trying ::1:9050...
* TCP_NODELAY set
* SOCKS5 communication to 23.128.64.134:443
* Unable to receive initial SOCKS5 response.
* Closing connection 0
curl: (7) Unable to receive initial SOCKS5 response.

$ curl -v -x socks5://127.0.0.1:9050 -k https://23.128.64.134/ip
*   Trying 127.0.0.1:9050...
* TCP_NODELAY set
* SOCKS5 communication to 23.128.64.134:443
* Unable to receive initial SOCKS5 response.
* Closing connection 0
curl: (7) Unable to receive initial SOCKS5 response.

回答1:


I managed to figure it out. The problem is that Tor by default doesn't bind to all interfaces (as in 0.0.0.0) which doesn't play nicely with Docker.

This can be fixed by adding SocksPort 0.0.0.0:9050 to the /etc/tor/torrc.

So the solution is:

FROM alpine:latest
RUN apk update && apk upgrade && \
    apk add tor curl && \
    rm /var/cache/apk/* && \
    cp /etc/tor/torrc.sample /etc/tor/torrc && \
    echo "SocksPort 0.0.0.0:9050" > /etc/tor/torrc
EXPOSE 9050
USER tor
CMD /usr/bin/tor -f /etc/tor/torrc

Then everything works as expected:

$ sudo docker build -t tor .
$ sudo docker run --name tor -p 9050:9050 tor
$ curl -x socks5://localhost:9050 https://ifconfig.io/ip
190.216.2.136


来源:https://stackoverflow.com/questions/57825953/cant-connect-to-dockerized-tor-proxy

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!