我一直在使用 Openconnect 和 Docker 创建一个容器,该容器允许访问外部数据库以进行开发。但是,当我通过 Openconnect VPN 连接时,似乎无法连接到任何东西。
连接到 VPN 之前:
root@932386ed6d5f:/# apt-get update
Hit:1 http://ppa.launchpad.net/ondrej/php/ubuntu bionic InRelease
Hit:2 http://archive.ubuntu.com/ubuntu bionic InRelease
Hit:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease
Hit:4 http://archive.ubuntu.com/ubuntu bionic-backports InRelease
Hit:5 http://security.ubuntu.com/ubuntu bionic-security InRelease
Reading package lists... Done
root@932386ed6d5f:/#
连接到 VPN 后:
root@932386ed6d5f:/# apt-get update
Err:1 http://archive.ubuntu.com/ubuntu bionic InRelease
Temporary failure resolving 'archive.ubuntu.com'
Err:2 http://security.ubuntu.com/ubuntu bionic-security InRelease
Temporary failure resolving 'security.ubuntu.com'
Err:3 http://ppa.launchpad.net/ondrej/php/ubuntu bionic InRelease
Temporary failure resolving 'ppa.launchpad.net'
0% [Working]^C
正在运行的命令:
openconnect -b --no-dtls --servercert sha256:CENSORED --user=USER -q IP --passwd-on-stdin < pass.txt
命令的响应:
GROUP: [VPNGROUP]:VPNGROUP
我可以从 VPN 顺利 ping 到我需要的 IP。但是,容器外部的任何东西都不起作用。我正在使用 Docker run 命令来调试映像。
Dockerfile
FROM ubuntu:latest
LABEL maintainer="[email protected]"
ENV DEBIAN_FRONTEND=noninteractive
ENV DOMAIN=SSL_DOMAIN
RUN apt-get update
RUN apt-get install -y software-properties-common
RUN add-apt-repository -y ppa:ondrej/php
RUN apt-get update && apt-get install -y \
nginx \
wget \
php7.2 \
php7.2-cli \
php7.2-curl \
php7.2-fpm \
php7.2-gd \
php7.2-intl \
php7.2-json \
php7.2-mbstring \
php7.2-mysql \
php7.2-opcache \
php7.2-xml \
php7.2-zip \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# Composer
RUN wget https://getcomposer.org/download/1.9.1/composer.phar
RUN mv composer.phar /usr/local/bin/composer
# TODO - Move to top
RUN add-apt-repository main
RUN add-apt-repository universe
RUN add-apt-repository restricted
RUN add-apt-repository multiverse
RUN apt-get update
RUN apt-get -y install openconnect vpnc nano glances iputils-ping
# Init script
COPY ./docker/docker-run.sh /docker-run.sh
VOLUME ["/var/www/html"]
EXPOSE 80 443
CMD ["/bin/bash", "docker-run.sh"]