Nginx can't communicate with PHP-FPM after running this

Open C-Nedelcu opened this issue 7 years ago • 4 comments

Hello,

So I ran your script on my web server (after reading the script's source code, of course). Unfortunately, after running it, the Nginx daemon could no longer communicate with PHP-FPM so it returned an error code (502 bad gateway).

I cleared the iptable rules and things went back to normal.

It's really weird, I'm wondering what went wrong here. Nginx and PHP-FPM are set up to communicate on port 9000, address 127.0.0.1. I could neither find 127.0.0.1 nor my server's IP address in the list of TOR IPs.

Attached is the output log, everything seems normal as far as I can tell. Do you have any idea what might have gone wrong?

I can't test again right now due to the 30-minute limitation of the source list, and also because I don't want to mess up my server again. torlog.txt (https://github.com/jseidl/torblock/files/1224182/torlog.txt)

C-Nedelcu avatar Aug 15 '17 05:08 C-Nedelcu

Can you try changing this line to 0 and trying again?

ADD_FORWARD_RULES=1 # change to 0

Also, I strongly suggest you implement this on a test setup before throwing it into production. Iptables can mess up your current configuration.

Also, for the list problems, I usually download it locally and then set up a Python web server on the download directory

python -m SimpleHTTPServer

jseidl avatar Aug 15 '17 16:08 jseidl

Hi,

Thanks for replying! Unfortunately this did not do the trick. Still getting a 502 gateway error, which happens immediately after the script starts adding the first iptable rules.

Could this have something to do with REDIRECT_IP="10.1.1.112"?

What's this IP and why does it come into play? Should it be configured?

C-Nedelcu avatar Aug 16 '17 11:08 C-Nedelcu

That's if you want to redirect Tor traffic to another host for logging or monitoring. If you set this variable to an empty string, it will disable it.

jseidl avatar Aug 16 '17 16:08 jseidl

So any idea what might be the problem and how to fix it? The idea behind your script seems perfect, now if I could just figure out why it messes up my servers...

C-Nedelcu avatar Aug 17 '17 02:08 C-Nedelcu
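
A check that can be run on a test setup before re-applying the rules, as an added example that is not part of the thread or of the torblock script: it scans `iptables -S` style output for DROP/REJECT/REDIRECT/DNAT rules that could also match TCP traffic between local processes on 127.0.0.1:9000, the Nginx to PHP-FPM path described above. The function names and the sample rules are constructed for illustration, and any match it does not parse (for example `-m set`) is treated as possibly matching.

```python
import ipaddress
import shlex

ACTIONS = {"DROP", "REJECT", "REDIRECT", "DNAT"}  # targets that stop or divert a packet

def _port_ok(spec, port):
    lo, sep, hi = spec.partition(":")  # "9000" or a range such as "8000:9999"
    if not sep:
        return int(lo) == port
    return int(lo or 0) <= port <= int(hi or 65535)

def loopback_hits(rules_text, ip="127.0.0.1", port=9000):
    """Return `iptables -S` rules that could match local TCP traffic on ip:port."""
    addr = ipaddress.ip_address(ip)
    in_net = lambda v: addr in ipaddress.ip_network(v, strict=False)
    checks = {
        "-s": in_net, "-d": in_net,
        "-i": lambda v: v == "lo", "-o": lambda v: v == "lo",
        "-p": lambda v: v in ("tcp", "all"),
        "--dport": lambda v: _port_ok(v, port),
    }
    hits = []
    for line in rules_text.splitlines():
        tok = shlex.split(line)
        # FORWARD is skipped: traffic between local processes is never forwarded.
        if len(tok) < 2 or tok[0] != "-A" or tok[1] == "FORWARD":
            continue
        target, matches, negate = None, True, False
        it = iter(tok[2:])
        for t in it:
            if t == "-j":
                target = next(it, None)
            elif t in checks:
                matches &= checks[t](next(it)) != negate
            negate = (t == "!")  # "!" inverts only the option that follows it
        if matches and target in ACTIONS:
            hits.append(line.strip())
    return hits

# Constructed sample rules, not taken from the thread or from torlog.txt.
CONSTRUCTED_RULES = """\
-A INPUT -s 198.51.100.7/32 -j DROP
-A INPUT ! -i eth0 -j DROP
-A OUTPUT -p tcp -m tcp --dport 9000 -j REJECT
-A FORWARD -j DROP
-A INPUT -i lo -j ACCEPT
"""
if __name__ == "__main__":
    print("\n".join(loopback_hits(CONSTRUCTED_RULES)))
```

Per-address DROP rules for listed IPs are not reported, since 127.0.0.1 is outside them; only rules broad enough to catch loopback traffic are.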