Cntlm 错误:打开的文件太多

tag-icon tag-icon proxy https socket socks cntlm
Cntlm 错误:打开的文件太多

正如标题所述,我在使用 Cntlm 时遇到了一些问题。我使用的是 0.92.3 版本,并从源代码启动。我试图将 Cntlm 作为具有本地主机配置的独立代理启动,以浏览互联网并启动应用程序(例如 Skype)。

我正在使用 Mint 并且命令uname -a给出:

Linux Jarvis 3.16.0-38-generic #52~14.04.1-Ubuntu SMP Fri May 8 09:43:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

这些是我在提问之前执行的步骤:

./configure
make
sudo make install

一切顺利。我还使用以下命令导出 http、https 和 ftp 代理:

export http_proxy = http://127.0.0.1:3128 
export https_proxy = https://127.0.0.1:3128 
export ftp_proxy = https://127.0.0.1:3128

并且一切正常。剩下的就是启动 cntlm,操作如下:

sudo cntlm -v -f

它使信息传递配置文件正确,并显示它停留在前台。

我进入我的浏览器(firefox)并配置代理,将 127.0.0.1 设置为 http 代理,将 3128 设置为端口。

当我启动浏览器选项卡并在代理下进行测试研究时,终端开始详细阐述数据,但几秒钟后它一直说:

cntlm[11605]: Serious error during accept: Too many open files

直到我按下 ctrl+C。

这是我的cntlm.conf:

#
# Cntlm Authentication Proxy Configuration
#
# NOTE: all values are parsed literally, do NOT escape spaces,
# do not quote. Use 0600 perms if you use plaintext password.
#

Username    myUsername
Domain      localhost
Password    password
# NOTE: Use plaintext password only at your own risk
# Use hashes instead. You can use a "cntlm -M" and "cntlm -H"
# command sequence to get the right config for your environment.
# See cntlm man page
# Example secure config shown below.
# PassLM          1AD35398BE6565DDB5C4EF70C0593492
# PassNT          77B9081511704EE852F94227CF48A793
### Only for user 'testuser', domain 'corp-uk'
# PassNTLMv2      D5826E9C665C37C80B53397D5C07BBCB

# Specify the netbios hostname cntlm will send to the parent
# proxies. Normally the value is auto-guessed.
#
# Workstation   netbios_hostname

# List of parent proxies to use. More proxies can be defined
# one per line in format <proxy_ip>:<proxy_port>
#

Listen      127.0.0.1:3128
#Listen     192.168.0.1:3128

#Proxy      10.0.0.41:8080
#Proxy      10.0.0.42:8080
Proxy       127.0.0.1:3128

# List addresses you do not want to pass to parent proxies
# * and ? wildcards can be used
#
NoProxy     localhost, 127.0.0.*, 10.*, 192.168.*

# Specify the port cntlm will listen on
# You can bind cntlm to specific interface by specifying
# the appropriate IP address also in format <local_ip>:<local_port>
# Cntlm listens on 127.0.0.1:3128 by default
#

# If you wish to use the SOCKS5 proxy feature as well, uncomment
# the following option. It can be used several times
# to have SOCKS5 on more than one port or on different network
# interfaces (specify explicit source address for that).
#
# WARNING: The service accepts all requests, unless you use
# SOCKS5User and make authentication mandatory. SOCKS5User
# can be used repeatedly for a whole bunch of individual accounts.
#
SOCKS5Proxy 5000
#SOCKS5User username:password

# Use -M first to detect the best NTLM settings for your proxy.
# Default is to use the only secure hash, NTLMv2, but it is not
# as available as the older stuff.
#
# This example is the most universal setup known to man, but it
# uses the weakest hash ever. I won't have it's usage on my
# conscience. :) Really, try -M first.
#
#Auth       LM
#Flags      0x06820000

# Enable to allow access from other computers
#
#Gateway    yes

# Useful in Gateway mode to allow/restrict certain IPs
# Specifiy individual IPs or subnets one rule per line.
#

Allow       127.0.0.1
Deny        0/0

# GFI WebMonitor-handling plugin parameters, disabled by default
#
#ISAScannerSize     1024
#ISAScannerAgent    Wget/
#ISAScannerAgent    APT-HTTP/
#ISAScannerAgent    Yum/

# Tunnels mapping local port to a machine behind the proxy.
# The format is <local_port>:<remote_host>:<remote_port>
# 
#Tunnel     11443:remote.com:443

我尝试过多次更改配置,但实际上并没有改变。如果我将 127.0.0.1:3128 设置为默认代理(我正在尝试这样做),它启动正常,但最终陷入循环。

我应该怎么做才能使其工作以及问题出在哪里?

我没有接触过原始源代码。因此它应该可以按预期工作。

提前致谢。

编辑:这是ulimit -a之后的输出su

core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 15079
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 15079
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

答案1

好吧,我想我知道发生了什么。基本上,问题是在配置文件中输入了以下行

Proxy    127.0.0.1:3128

还有以下这一行:

Listen 3128(或者 127.0.0.1:3128)

事实上,我认为配置会将代理发送到一个循环中,其中的线程永远不会关闭,无论限制是多少,都会向单个站点发送连接请求。

对于简单的浏览器连接(例如 Firefox),只需保留该行:

Listen    3128

或者

Listen    127.0.0.1:3128

它们是相同的。对于代理,您可以遵循以下方案:

Proxy    ipAddress:port

这些数据可以在网上轻松找到。

配置 Firefox(或其他浏览器)以连接到您的本地主机代理,将 localhost(或 127.0.0.1)设置为主机,并将您正在监听的端口号设置为相同的端口号。这对我有用。

我仍然不知道如何让它从各种应用程序启动(因为我不知道它们是否实际在代理后面运行,它没有提到它),但现在仍然是一个解决方案。

相关内容