proxyee icon indicating copy to clipboard operation
proxyee copied to clipboard

Published 20 hours ago verified publisher icon monkeyWie

[iptables -j REJECT/DROP][java.net.SocketException: Connection reset] Q:How to handle these exceptions?

Open freedom1b2830 opened this issue 3 years ago • 9 comments
trafficstars

The situation is this, some ip addresses are blocked by iptables (iptables -A OUTPUT -d ip -j REJECT). Because of this, the proxy gives these exceptions:

окт. 11, 2022 12:43:15 PM io.netty.channel.AbstractChannelHandlerContext invokeExceptionCaught
WARNING: An exception 'java.lang.NullPointerException: Cannot invoke "com.github.monkeywie.proxyee.handler.HttpProxyServerHandler.getExceptionHandle()" because the return value of "io.netty.channel.ChannelPipeline.get(String)" is null' [enable DEBUG level for full stacktrace] was thrown by a user handler's exceptionCaught() method while handling the following exception:
java.net.SocketException: Connection reset
	at java.base/sun.nio.ch.SocketChannelImpl.throwConnectionReset(SocketChannelImpl.java:394)
	at java.base/sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:426)
	at io.netty.buffer.PooledByteBuf.setBytes(PooledByteBuf.java:258)
	at io.netty.buffer.AbstractByteBuf.writeBytes(AbstractByteBuf.java:1132)
	at io.netty.channel.socket.nio.NioSocketChannel.doReadBytes(NioSocketChannel.java:357)
	at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:151)
	at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:722)
	at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:658)
	at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:584)
	at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:496)
	at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997)
	at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
	at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
	at java.base/java.lang.Thread.run(Thread.java:833)

How to assign a handler for these exceptions/silence these exceptions?

freedom1b2830 avatar Oct 11 '22 12:10 freedom1b2830

also how to do it? "enable DEBUG level for full stacktrace"

freedom1b2830 avatar Oct 11 '22 12:10 freedom1b2830

can you post code?

monkeyWie avatar Oct 12 '22 02:10 monkeyWie

https://github.com/freedom1b2830/cocoon/blob/main/cocoon-webproxy/src/main/java/freedom1b2830/cocoon/webproxy/WebProxy.java

freedom1b2830 avatar Oct 12 '22 02:10 freedom1b2830

Unable to reproduce, can you provide the simplest and reproducible code?

monkeyWie avatar Oct 12 '22 02:10 monkeyWie

https://github.com/freedom1b2830/monkeyWieBug maven java8+

freedom1b2830 avatar Oct 13 '22 14:10 freedom1b2830

@freedom1b2830 Pls provide specific reproduction steps, such as:

1. xxx
2. xxx
3. curl -k -x 127.0.0.1:9999 https://www.google.com

monkeyWie avatar Oct 18 '22 03:10 monkeyWie

1.generated a root certificate 2.added it to the trusted centers in the systems (trust anchor –store /path) 3.configured firefox (http+https proxy) 4.I visited sites where there are resources from blocked domains through iptables (iptables -A OUTPUT -d $blockedIP -j REJECT)

freedom1b2830 avatar Oct 18 '22 05:10 freedom1b2830

@freedom1b2830 I still can't reproduce the problem, can you test with curl command? My test:

1. add a line of code `domainsBlockRegEx.add("baidu.com")` 
2. ping www.badu.com get ip 14.215.177.39
3. sudo iptables -A OUTPUT -d 14.215.177.39 -j REJECT
4. start server
5. curl -k -x 127.0.0.1:9999 https://www.baidu.com

and it no exception. image

monkeyWie avatar Oct 19 '22 06:10 monkeyWie

the application was suspended at the time of the NPE being thrown out

heap dump 1.zip

in code:

@Override
    public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {
        ctx.channel().close();
        clientChannel.close();
        HttpProxyExceptionHandle exceptionHandle = ((HttpProxyServerHandler) clientChannel.pipeline()
                .get("serverHandle")).getExceptionHandle();
        exceptionHandle.afterCatch(clientChannel, ctx.channel(), cause);
    }

(HttpProxyServerHandler) clientChannel.pipeline().get("serverHandle")==null

I am getting an exception in this thread

"nioEventLoopGroup-2-4" #38 prio=10 os_prio=0 cpu=397,75ms elapsed=199,42s tid=0x00007f284c083b70 nid=107057 runnable  [0x00007f2839df6000]
   java.lang.Thread.State: RUNNABLE
	at com.github.monkeywie.proxyee.handler.HttpProxyClientHandler.exceptionCaught(HttpProxyClientHandler.java:55)
	at io.netty.channel.AbstractChannelHandlerContext.invokeExceptionCaught(AbstractChannelHandlerContext.java:302)
	at io.netty.channel.AbstractChannelHandlerContext.invokeExceptionCaught(AbstractChannelHandlerContext.java:281)
	at io.netty.channel.AbstractChannelHandlerContext.fireExceptionCaught(AbstractChannelHandlerContext.java:273)
	at io.netty.channel.CombinedChannelDuplexHandler$DelegatingChannelHandlerContext.fireExceptionCaught(CombinedChannelDuplexHandler.java:424)
	at io.netty.channel.ChannelHandlerAdapter.exceptionCaught(ChannelHandlerAdapter.java:92)
	at io.netty.channel.CombinedChannelDuplexHandler$1.fireExceptionCaught(CombinedChannelDuplexHandler.java:145)
	at io.netty.channel.ChannelInboundHandlerAdapter.exceptionCaught(ChannelInboundHandlerAdapter.java:143)
	at io.netty.channel.CombinedChannelDuplexHandler.exceptionCaught(CombinedChannelDuplexHandler.java:231)
	at io.netty.channel.AbstractChannelHandlerContext.invokeExceptionCaught(AbstractChannelHandlerContext.java:302)
	at io.netty.channel.AbstractChannelHandlerContext.invokeExceptionCaught(AbstractChannelHandlerContext.java:281)
	at io.netty.channel.AbstractChannelHandlerContext.fireExceptionCaught(AbstractChannelHandlerContext.java:273)
	at io.netty.handler.ssl.SslHandler.exceptionCaught(SslHandler.java:1105)
	at io.netty.channel.AbstractChannelHandlerContext.invokeExceptionCaught(AbstractChannelHandlerContext.java:302)
	at io.netty.channel.AbstractChannelHandlerContext.invokeExceptionCaught(AbstractChannelHandlerContext.java:281)
	at io.netty.channel.AbstractChannelHandlerContext.fireExceptionCaught(AbstractChannelHandlerContext.java:273)
	at io.netty.channel.DefaultChannelPipeline$HeadContext.exceptionCaught(DefaultChannelPipeline.java:1377)
	at io.netty.channel.AbstractChannelHandlerContext.invokeExceptionCaught(AbstractChannelHandlerContext.java:302)
	at io.netty.channel.AbstractChannelHandlerContext.invokeExceptionCaught(AbstractChannelHandlerContext.java:281)
	at io.netty.channel.DefaultChannelPipeline.fireExceptionCaught(DefaultChannelPipeline.java:907)
	at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.handleReadException(AbstractNioByteChannel.java:125)
	at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:177)
	at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:722)
	at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:658)
	at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:584)
	at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:496)
	at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997)
	at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
	at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
	at java.lang.Thread.run([email protected]/Thread.java:833)

   Locked ownable synchronizers:
	- None

freedom1b2830 avatar Oct 19 '22 09:10 freedom1b2830