问题
On Lubuntu I was able to use tor just by installing it and then connecting to its socks proxy, but on docker with alpine it doesn't seem to be that easy.
Since I left my /etc/tor/torrc the way it came, it only consisted of lines that were commented out. So for alpine I just used the torrc.sample
file which also only had lines that were commented out.
Here is my Dockerfile
:
FROM alpine:latest
RUN apk update && apk upgrade && apk add tor curl && rm /var/cache/apk/* && cp /etc/tor/torrc.sample /etc/tor/torrc
EXPOSE 9050
USER tor
CMD /usr/bin/tor -f /etc/tor/torrc
Then I just ran:
$ sudo docker build -t tor .
$ sudo docker run --name tor -p 9050:9050 tor
$ curl -x socks5://localhost:9050 -k https://23.128.64.134/ip
curl: (7) Unable to receive initial SOCKS5 response.
$ curl -x socks4://localhost:9050 -k https://23.128.64.134/ip
curl: (7) Failed to receive SOCKS4 connect request ack.
But as you can see I'm not able to connect. Neither via socks4 nor via socks5.
I can't seem to figure out why this isn't working. I've already tried using different ports and host names (127.0.0.1 instead of localhost), but nothing is working.
What am I doing wrong?
Edit:
Interestingly though, this appears to work:
$ sudo docker exec -ti tor curl -x socks5://localhost:9050 -k https://23.128.64.134/ip
185.220.101.69
(185.220.101.69 is indeed a Tor exit node IP address)
So what could be wrong here? Why can't I access it from the outside? Even nmap
is reporting that it can see the port (when run outside of the container):
9050/tcp open tor-socks
Edit2:
I added the -v
-flag to curl and enabled more verbose logging in tor via echo "Log info stdout" > /etc/tor/torrc
.
The tor log doesn't change at all when I run the curl command from outside the container. The curl output also doesn't show anything helpful:
$ curl -v -x socks5://localhost:9050 -k https://23.128.64.134/ip
* Trying ::1:9050...
* TCP_NODELAY set
* SOCKS5 communication to 23.128.64.134:443
* Unable to receive initial SOCKS5 response.
* Closing connection 0
curl: (7) Unable to receive initial SOCKS5 response.
$ curl -v -x socks5://127.0.0.1:9050 -k https://23.128.64.134/ip
* Trying 127.0.0.1:9050...
* TCP_NODELAY set
* SOCKS5 communication to 23.128.64.134:443
* Unable to receive initial SOCKS5 response.
* Closing connection 0
curl: (7) Unable to receive initial SOCKS5 response.
回答1:
I managed to figure it out. The problem is that Tor by default doesn't bind to all interfaces (as in 0.0.0.0
) which doesn't play nicely with Docker.
This can be fixed by adding SocksPort 0.0.0.0:9050
to the /etc/tor/torrc
.
So the solution is:
FROM alpine:latest
RUN apk update && apk upgrade && \
apk add tor curl && \
rm /var/cache/apk/* && \
cp /etc/tor/torrc.sample /etc/tor/torrc && \
echo "SocksPort 0.0.0.0:9050" > /etc/tor/torrc
EXPOSE 9050
USER tor
CMD /usr/bin/tor -f /etc/tor/torrc
Then everything works as expected:
$ sudo docker build -t tor .
$ sudo docker run --name tor -p 9050:9050 tor
$ curl -x socks5://localhost:9050 https://ifconfig.io/ip
190.216.2.136
来源:https://stackoverflow.com/questions/57825953/cant-connect-to-dockerized-tor-proxy