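Cannot connect to HTTPS (443) from a docker image

Time: 2015-12-16 18:21:22

Tags: docker ssl-certificate discourse ovh

I installed docker on a new dedicated server (on a generic Ubuntu 14.0 - Linux kernel 3.13.0-71). I installed an ubuntu docker image to test the environment (docker run -it ubuntu bash). I installed curl with openssl support.

When I try to fetch the content of an HTTP page, I have no problem. When I try to load an HTTPS page, my connection is refused: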

root@835f01fef568:/# curl https://www.google.com
curl: (7) Failed to connect to www.google.com port 443: Connection refused

In verbose mode I have:

root@835f01fef568:/# curl -V https://www.google.com
curl 7.35.0 (x86_64-pc-linux-gnu) libcurl/7.35.0 OpenSSL/1.0.1f zlib/1.2.8 libidn/1.28 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smtp smtps telnet tftp 
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP 

If I try to log the trace to a file, I have:

== Info: Rebuilt URL to: https://www.google.com/
== Info: Hostname was NOT found in DNS cache
== Info:   Trying 173.194.123.81...
== Info: connect to 173.194.123.81 port 443 failed: Connection refused
== Info:   Trying 173.194.123.84...
== Info: connect to 173.194.123.84 port 443 failed: Connection refused
== Info:   Trying 173.194.123.80...
== Info: connect to 173.194.123.80 port 443 failed: Connection refused
== Info:   Trying 173.194.123.82...
== Info: connect to 173.194.123.82 port 443 failed: Connection refused
== Info:   Trying 173.194.123.83...
== Info: connect to 173.194.123.83 port 443 failed: Connection refused
== Info:   Trying 2607:f8b0:4006:80c::1013...
== Info: Immediate connect fail for 2607:f8b0:4006:80c::1013: Network is unreachable
== Info: Failed to connect to www.google.com port 443: Connection refused
== Info: Closing connection 0

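I am a bit lost about what I can do :( It is not a DNS problem, because I can ping the server on port 80 or curl HTTP content. It is only related to SSL connections. Does anyone here have any idea about this problem?

Thanks

3 answers:

Answer 0: (score: 3)

I found the root of the problem. It was related to an iptables issue on the main host.

Using the command iptables -L -t nat, I found that a prerouting rule was active that redirected all https traffic to port 9092, which is used by another service.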

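Answer 1: (score: 0)

I had the same problem. I found that setting the interface of the iptables rule to "eth0" instead of "any" solves the problem.

Here is an example that worked for me on the host: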

iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 443 -j DNAT --to-destination 172.17.0.3:8443

After changing the interface to "eth0", wget https:// ... worked again from inside docker.

Hope this helps.
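
An added example, not part of the original answers: a shell check for the condition the two answers above describe, a nat PREROUTING rule that rewrites port 443 with no input-interface match and therefore also matches packets arriving from the Docker bridge. The function names and the sample ruleset are constructed for illustration; the REDIRECT rule is an assumed form of the rule answer 0 found.

```shell
#!/bin/sh
# Reads iptables-save output on stdin and prints every nat PREROUTING rule
# that REDIRECTs or DNATs the given TCP port without an -i match.
# Exact ports and multiport lists are handled; port ranges are not.
find_unscoped_prerouting() {
    port="$1"
    awk -v port="$port" '
        /^\*/ { table = $1 }                       # table header, e.g. *nat
        table == "*nat" && $1 == "-A" && $2 == "PREROUTING" {
            has_iface = 0; hits_port = 0; rewrites = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "-i") has_iface = 1
                if ($i == "--dport" && $(i + 1) == port) hits_port = 1
                if ($i == "--dports") {
                    n = split($(i + 1), list, ",")
                    for (k = 1; k <= n; k++)
                        if (list[k] == port) hits_port = 1
                }
                if ($i == "-j" && ($(i + 1) == "REDIRECT" || $(i + 1) == "DNAT"))
                    rewrites = 1
            }
            if (hits_port && rewrites && !has_iface) print
        }'
}

# Constructed sample ruleset in iptables-save format (not from a real host).
sample_rules() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 9092
-A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 172.17.0.3:8443
-A PREROUTING -i eth0 -p tcp -m multiport --dports 80,443 -j DNAT --to-destination 172.17.0.3:8443
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
COMMIT
EOF
}

# Only the first PREROUTING rule is printed: it has no -i match.
sample_rules | find_unscoped_prerouting 443
```

On a real host the input would come from `iptables-save -t nat` run as root instead of `sample_rules`.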

Answer 2: (score: 0)

echo ipv4 >> ~/.curlrc

Run this command in a terminal. It worked for me.
