I have a proxy pass which redirects all BE service calls to the API-Gateway. For debugging one particular scenario, I want to proxy all urls with base path /abc to a netcat proxy which would dumplt the complete request on console.
ATM I am using following proxy pass:
ProxyPass /abc/ http://localhost:8089/apigateway/api/
Whereas I am listening on port 8089 as follow:
nc -p 8089 localhost 8080
But the nc connection is closing up within few seconds after i run the above mentioned command. Any idea what am I do wrong?
When I curl the url http://localhost/abc/messaage, I see 503 as response.
Following worked for me:
sudo nc -l localhost 8089 < abc.txt | tee -a in | nc localhost 8080 | tee -a out.html > def.txt
Listening on port 8089 (httpd forwards everything on 8089). nc then forwards the request to port 8080 (actual apigateway). In the middle it dumps the request and response in different files.
Related
I have netcat listening for udp traffic on port 8125 in terminal 1
nc -ul 8125
and in terminal 2 I run the following (a test dogstatsd message for troubleshooting a datadog client connection):
echo "test_metric:1|c" | nc -u -w 1 -v localhost 8125
#found 0 associations
#found 1 connections:
# 1: flags=82<CONNECTED,PREFERRED>
# outif lo0
# src ::1 port 50397
# dst ::1 port 8125
# rank info not available
#Connection to localhost port 8125 [udp/*] succeeded!
I would expect to see test_metric:1|c show up in the output of terminal 1, but there is no output at all.
Can you help me understand why the udp message is not showing up and how to successfully send the udp message?
I still don't know why it makes a difference, but adding the -4 option made it work
echo "test_metric:1|c" | nc -u -4 -w 1 localhost 8125
Here's the man page on the option:
-4 Forces nc to use IPv4 addresses only.
I just installed rabbitmq on a 14 ubuntu, adjusted the hostname in the /etc/hosts files, in the following format 127.0.0.1 hostname.
I can see the web console with curl localhost:15672, but when I try to access it with the browser, it just won't open?
I can see the port with netstat:
netstat -nptl | grep 15672
tcp 0 0 0.0.0.0:15672 0.0.0.0:* LISTEN 29997/beam
But I can't see it with nmap:
nmap -sT -O localhost
Starting Nmap 6.40 ( http://nmap.org ) at 2017-09-16 19:52 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00022s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
631/tcp open ipp
I also enabled the web interface in rabbitmq, made the user and all that, but when I try to access it through the browser http:/my-ip-address:15672(5672), the web page just times out?
Tnx,
Tom
I was not able to use port 8080 because it was apparently already used.
In order to see which program was using it, I typed the following command in my terminal (on MacOS):
sudo lsof -n -i :8080
Here's the result:
httpd is also listening on port 80, which I found out by using the following command:
sudo lsof -n -i :80 | grep LISTEN
Here's the result:
So I went to find out what this "httpd"-process was. Apparently it is basically the web server installed on my machine. The web server installed on my machine is Apache2.
Given this fact I concluded that Apache2 was apparently configured to listen on port 80 AND on port 8080.
BUT: Here's the crazy thing: I went to the folder /etc/apache2 and opened the file "httpd.conf". In the file Apache is configured to listen on port 80 only !!!
Why the hell is it also listening on port 8080 ?!
How can I make it listen on port 80 only ?
I am doing a local forwarding to the remote port at 80 which the apache2 is listening on like this ssh -L 80:localhost:80 user#host.com , so it connects me to the remote server, however I find I can still do mkdir rm and such commands. Isn't it so that I am only forwarded to application listening on port 80? so what's the difference to this command ssh -p 22 host.com ? Is there a way to test if this port forwarding is working?
Yes, you can Test as follows:
You should use a Client program on one Side and A Server Program on the other remote side.
Try to connect your client to your server according to ports and IP's used in your port forwarding by Netsh Cmd.
If connection succeed , that is it, if connection fails, that means port forwarding command was failed, or your ip and port configuration of your client and server is wrong.
More over if you send a text file to the server, you should receive it.
I hope that this will help.
Thanks.
You can listen on port 80 with netcat like this on the host ...
nc -l -p 80
... and then either send something back with netcat ...
nc host.com 80 <<< hello
... and see if you get a "hello" on the server, or use nmap :
nmap host.com -p 80
You can also use nmap the same way if you already have a server listening on port 80, like apache.
Just note that nmap will say it's closed unless there is something listening on that port.
I have setup the new version of haproxy but I need to disable TLS and the "notlsv1" keyword doesn't works.
In my actual configuration, I use stud to manage https sessions with these parameters:
-B 1000 -n 8 -b 127.0.0.1 8080 -f *,443 --ssl -c ALL --write-proxy
And I'm trying to replace him by the new haproxy version.
My configuration file:
global
log 127.0.0.1 local0 info
maxconn 32000
user haproxy
group haproxy
daemon
nbproc 1
stats socket /tmp/haproxy.sock
defaults
timeout connect 10000
timeout client 30000
timeout server 30000
listen ha_stats 0.0.0.0:8088
balance source
mode http
timeout client 30000ms
stats enable
stats uri /lb?stats
frontend https-requests
mode http
bind :80
bind :443 ssl crt ./haproxy.pem notlsv1
acl is_front hdr(host) -i front.mydomain.com
acl is_service hdr(host) -i service.mydomain.com
use_backend bkfront if is_front
use_backend bkservice if is_service
default_backend mydomain.com
backend mydomain.com
mode http
server mywebsite www.mydomain.com:80
backend bkfront
mode http
balance roundrobin
option httpchk GET / HTTP/1.1\r\nHost:\ front.mydomain.com
server web05 192.168.200.5:80 check
backend bkservice
mode http
balance roundrobin
option httpchk GET / HTTP/1.1\r\nHost:\ service.mydomain.com
server web01 192.168.200.1:80 check
The http and https sessions work very well with firefox but I have problems with chrome and Internet explorer. To solve them, with Stud I need to add --ssl.
Thanks,
SOLUTION:
Thanks to Willy for his help. Below I give the commands to solve this problem:
wget http://haproxy.1wt.eu/download/1.5/src/devel/haproxy-1.5-dev12.tar.gz
wget http://haproxy.1wt.eu/download/1.5/src/snapshot/haproxy-1.5-dev12-patches-LATEST.tar.gz
tar xvzf haproxy-1.5-dev12.tar.gz
mv haproxy-1.5-dev12-patches-LATEST.tar.gz haproxy-1.5-dev12
cd haproxy-1.5-dev12/
tar xvzf haproxy-1.5-dev12-patches-LATEST.tar.gz
patch -p1 < haproxy-1.5-dev12-patches-20121009/*.diff
make TARGET=linux26 USE_OPENSSL=1
sudo make PREFIX=/opt/haproxy-ssl install
And replace:
bind :443 ssl crt ./haproxy.pem notlsv1
to:
bind :443 ssl crt ./haproxy.pem force-sslv3
This is because in OpenSSL, notlsv1 only disables TLSv1.0, not later versions ! If you need this, you'd better download the latest snapshot from the site and use "force-sslv3" instead of "notlsv1". It will force use of SSLv3 exclusively and do what you currently have with stud.