这是一个创建于 1034 天前的主题,其中的信息可能已经有所发展或是发生改变。
项目需要访问单点认证的网址 单点认证那边是没问题的,防火墙也是开的,其他地方没有做限制的了
# curl -v https://login.XXX.com/XXX/login -4 * About to connect() to login.jxcia.com port 443 (#0) * Trying 117.XX.XX.X... * Connection refused * Failed connect to login.XXX.com:443; Connection refused * Closing connection 0 curl: (7) Failed connect to login.XXX.com:443; Connection refused ip addr 输出了很多的虚拟网卡,有没有可能跟这个有关
# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 91906: vethbcb7517@if91905: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker_gwbridge state UP group default link/ether fa:0f:2e:xx:xx:xx brd ff:ff:ff:ff:ff:ff link-netnsid 17 inet6 fe80::f80f:2eff:fe14:85c8/64 scope link valid_lft forever preferred_lft forever 2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fe:fc:fe:52:0c:be brd ff:ff:ff:ff:ff:ff inet 10.10.2.13/24 brd 10.10.2.255 scope global noprefixroute ens18 valid_lft forever preferred_lft forever inet 172.198.0.11/20 brd 172.198.15.255 scope global noprefixroute ens18 valid_lft forever preferred_lft forever inet6 fe80::3307:1b7b:406a:9543/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:15:da:c4 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 94980: veth32e54a5@if94979: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker_gwbridge state UP group default link/ether 02:69:2a:b4:aa:77 brd ff:ff:ff:ff:ff:ff link-netnsid 28 inet6 fe80::69:2aff:feb4:aa77/64 scope link valid_lft forever preferred_lft forever 4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000 link/ether 52:54:00:15:da:c4 brd ff:ff:ff:ff:ff:ff 5: docker_gwbridge: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:60:58:c0:c2 brd ff:ff:ff:ff:ff:ff inet 172.200.0.1/16 brd 172.200.255.255 scope global docker_gwbridge valid_lft forever preferred_lft forever inet6 fe80::42:60ff:fe58:c0c2/64 scope link valid_lft forever preferred_lft forever 94982: veth03890d9@if94981: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker_gwbridge state UP group default link/ether b2:6b:9c:5d:5a:79 brd ff:ff:ff:ff:ff:ff link-netnsid 27 inet6 fe80::b06b:9cff:fe5d:5a79/64 scope link valid_lft forever preferred_lft forever 6: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:2a:8a:be:13 brd ff:ff:ff:ff:ff:ff inet 172.199.0.1/16 brd 172.199.255.255 scope global docker0 valid_lft forever preferred_lft forever 91916: vethd710460@if91915: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker_gwbridge state UP group default link/ether 5e:b0:64:db:8e:c4 brd ff:ff:ff:ff:ff:ff link-netnsid 18 inet6 fe80::5cb0:64ff:fedb:8ec4/64 scope link valid_lft forever preferred_lft forever  | 1 tomemi 2022-12-19 17:16:46 +08:00 看看路由和防火墙 |
 | 3 newaccount 2022-12-19 17:22:32 +08:00 这里试了下,不加路径的二级域名是可以的。看返回头,隐藏了 nginx 版本,考虑是不是人家在服务器配置了 UA 检测?你改个浏览器的 UA 试试呢? |
 | 5 aaa5838769 2022-12-19 17:30:05 +08:00 telnet 看下端口通么。 |
 | 6 twofox OP |
| 7 twofox OP @aaa5838769 不通,就这一个地址不通,要是换成其他的域名。例如百度啥的,都是通的 |
 | 8 cnit 2022-12-19 17:33:48 +08:00 你直接用 ip 加端口不走 nginx 试试 |
 | 9 fengci 2022-12-19 17:34:41 +08:00 你是不是本地 hosts 了 |
 | 10 Routeros 2022-12-19 17:35:03 +08:00 http_proxy? |
| 11 cnit 2022-12-19 17:35:08 +08:00 # 拒绝 User-Agent if ($http_user_agent ~* LWP::Simple|BBBike|wget|curl) { return 444; } 反正我们这有这个 |
| 13 cnit 2022-12-19 17:39:08 +08:00 你怕不是在命令行里面加了代理 |
 | 15 motherfaka 2022-12-19 17:42:17 +08:00 telnet 不通,curl 其他网站通,大概率是服务端口的问题 |
| 16 cnit 2022-12-19 17:43:32 +08:00 额 我反正之前闹过这样的乌龙,其他的我想不到了 ,你可以试试在命令行里面能不能 curl google 或者 youtube 确认下 |
| 17 motherfaka 2022-12-19 17:45:35 +08:00 拿自己电脑测了一下,telnet 是通的,curl 也是通的,那还是客户端网络的问题…… |
 | 18 julyclyde 2022-12-19 17:50:58 +08:00 refuse 不可能是 nginx 的功能 nginx 开始处理的时候都已经 accept 完毕了 |
 | 19 lhbc 2022-12-19 17:53:49 +08:00 via Android 1. 云厂商的防火墙 2. 域名备案 |
| 21 lhbc 2022-12-19 18:01:09 +08:00 via Android 别人 block 了你的 IP 呗,我都能连上 |
 | 22 guanzhangzhang 2022-12-19 18:10:20 +08:00 先在你服务上的同一个二层(也就是同一个网段)的机器上 curl 下看看能通不,再上一层路径,以此类推,看看哪个路径被封了 |
 | 23 mansurx 2022-12-19 18:48:47 +08:00 curl -vvvv https://xxxxxxxx 看看卡在哪一步,refused 原因是啥 |
 | 24 balabalaXMX 2023-01-04 20:31:18 +08:00 其实我一直不理解 curl https 的话,客户端证书哪里来的啊? |
 | 25 linuxgo 2023-01-10 12:10:01 +08:00 @balabalaXMX #24 https 可以自签生成 |
Select Language