apt.conf“获取:: http:代理”代理服务器:端口“似乎不被使用(Win7上的Virtual Box下的Ubuntu 13.04)
这是为了在VirtualBox VM中安装Ubuntu 13.04 Desktop。 我在xyz251:9090上使用HTTP代理的公司网络。 我已经使用自动配置脚本配置了客户操作系统,因此Firefox工作正常,但我无法使用代理连接“apt-get”或“Ubuntu Software Center”。
我创建了文件“/etc/apt/apt.conf”,它现在包含一行文本:
Acquire::http:Proxy "http://xyz251:9090" 这是我在“系统设置/网络/网络代理”中指定并应用于整个系统的proxy.pac文件。
当我使用Firefox时,数据包跟踪显示TCP连接是通过端口9090上的公司代理完成的,当我运行“Ubuntu软件中心”和“apt-get”时,数据包跟踪显示TCP SYN数据包与最终目标IP地址和端口80.当然,对SYN数据包没有响应,因为公司防火墙阻止端口80上的TCP连接进入或退出。
在终端窗口中使用“sudo apt-get”,我总是看到:
Ign cdrom://Ubuntu 13.04 _Raring Ringtail_ - Release amd64 (20130424) raring/main Translation-en_US Ign cdrom://Ubuntu 13.04 _Raring Ringtail_ - Release amd64 (20130424) raring/main Translation-en Ign cdrom://Ubuntu 13.04 _Raring Ringtail_ - Release amd64 (20130424) raring/restricted Translation-en_US Ign cdrom://Ubuntu 13.04 _Raring Ringtail_ - Release amd64 (20130424) raring/restricted Translation-en Err http://extras.ubuntu.com raring Release.gpg Could not connect to extras.ubuntu.com:80 (91.189.92.152), connection timed out Err http://archive.canonical.com raring Release.gpg Cannot initiate the connection to archive.canonical.com:80 (2001:67c:1360:8c01::1b). - connect (101: Network is unreachable) [IP: 2001:67c:1360:8c01::1b 80] Err http://us.archive.ubuntu.com raring Release.gpg Cannot initiate the connection to us.archive.ubuntu.com:80 (2001:67c:1562::14). - connect (101: Network is unreachable) [IP: 2001:67c:1562::14 80] Err http://us.archive.ubuntu.com raring-updates Release.gpg Cannot initiate the connection to us.archive.ubuntu.com:80 (2001:67c:1562::14). - connect (101: Network is unreachable) [IP: 2001:67c:1562::14 80] Err http://us.archive.ubuntu.com raring-backports Release.gpg Cannot initiate the connection to us.archive.ubuntu.com:80 (2001:67c:1562::14). - connect (101: Network is unreachable) [IP: 2001:67c:1562::14 80] 59% [Connecting to security.ubuntu.com (91.189.91.14)]
最后,我看到:
Err http://security.ubuntu.com raring-security Release.gpg Cannot initiate the connection to security.ubuntu.com:80 (2001:67c:1360:8c01::18). - connect (101: Network is unreachable) [IP: 2001:67c:1360:8c01::18 80] Reading package lists... Done W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/raring/Release.gpg Cannot initiate the connection to us.archive.ubuntu.com:80 (2001:67c:1562::14). - connect (101: Network is unreachable) [IP: 2001:67c:1562::14 80] W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/raring-updates/Release.gpg Cannot initiate the connection to us.archive.ubuntu.com:80 (2001:67c:1562::14). - connect (101: Network is unreachable) [IP: 2001:67c:1562::14 80] W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/raring-backports/Release.gpg Cannot initiate the connection to us.archive.ubuntu.com:80 (2001:67c:1562::14). - connect (101: Network is unreachable) [IP: 2001:67c:1562::14 80] W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/raring-security/Release.gpg Cannot initiate the connection to security.ubuntu.com:80 (2001:67c:1360:8c01::18). - connect (101: Network is unreachable) [IP: 2001:67c:1360:8c01::18 80] W: Failed to fetch http://archive.canonical.com/ubuntu/dists/raring/Release.gpg Cannot initiate the connection to archive.canonical.com:80 (2001:67c:1360:8c01::1b). - connect (101: Network is unreachable) [IP: 2001:67c:1360:8c01::1b 80] W: Failed to fetch http://extras.ubuntu.com/ubuntu/dists/raring/Release.gpg Could not connect to extras.ubuntu.com:80 (91.189.92.152), connection timed out W: Some index files failed to download. They have been ignored, or old ones used instead.
我完全不确定我做错了什么。
—更新—-我也尝试过:
Acquire::http:proxy "http://user:pass@xyz251:9090/"
“xyz”当然是占位符; 我怀疑我的雇主的安全人员会对我发布实际数字表示友善。 我发现数据包跟踪没有区别 – “apt-get”仍在使用真实的IP地址和端口80.我在apt.conf文件中犯了一个故意的错误并且“apt-get”退出并出现错误,所以我我确定它看到了代理的这个配置行,它似乎并不尊重它。
我正在使用“NAT”网络连接,因为它违反了此处的IT策略以桥接网络,并且DHCP服务器仅提供已知MAC地址的地址。 我不希望IT安全性在我的多维数据集上(再次)。
根据我过去的经验,整体Ubuntu(GNOME)与PAC(自动配置)的效果不佳。 Pac(代理自动配置)基本上是JavaScript逻辑,用于确定最接近或最合适的代理,我强烈建议直接使用代理服务器(在您的情况下为网络 – 网络代理)。
要检查的一些事情
检查你的/etc/apt/apt.conf
Network-Network Proxy GUI将更新/etc/apt/apt.conf并在那里设置代理信息。
从pac中找出代理服务器信息
无论如何,您可以通过阅读proxy.pac文件来查找详细信息。
所以/etc/apt/apt.conf应该如下所示(假设代理服务器是=> proxy.company.com端口80),不要使用pac URL。
Acquire::http::proxy "http://proxy.company.com:80/"; Acquire::https::proxy "https://proxy.company.com:80/"; Acquire::ftp::proxy "ftp://proxy.company.com:80/";
注意:如果apt配置文件中未指定代理,则
apt-get将回退到http_proxy环境变量。
从apt.conf手册页,回复@Braiam的评论
http HTTP URIs; http::Proxy is the default http proxy to use. It is in the standard form of http://[[user][:pass]@]host[:port]/. Per host proxies can also be specified by using the form http::Proxy:: with the special keyword DIRECT meaning to use no proxies. If no one of the above settings is specified, http_proxy environment variable will be used.
检查代理环境变量
您可以通过在终端中运行以下命令来检查代理设置
echo $http_proxy echo $https_proxy echo $ftp_proxy
如果正确设置env变量,则应该能够在CLI中进行更新。
首选IPv4
我注意到apt-get正在尝试使用他们的ipv6地址连接到更新服务器。 这可能会导致问题(有时IPV6地址过期或更改)。
你可以编辑/etc/gai.conf并添加precedence ::ffff:0:0/96 100来precedence ::ffff:0:0/96 100选择ipv4而不是ipv6。
更多细节
我相信我遇到了这个问题,答案很简单。 语法很关键。 它必须如下所示:
Acquire::http::Proxy "http://xyz251:9090";
(还有一个“:”和一个终止“;”)
@Braiam
我认为最好开始一个单独的答案来澄清事情。
我使用Vagrant和防火墙后面的Ubuntu 13.04 Raring x86_64 VM进行了快速测试。
apt-get版本是0.9.7.7ubuntu4
root@raring:~# apt-get --version apt 0.9.7.7ubuntu4 for amd64 compiled on Apr 12 2013 23:49:05 Supported modules: *Ver: Standard .deb *Pkg: Debian dpkg interface (Priority 30) Pkg: Debian APT solver interface (Priority -1000) SL: 'deb' Standard Debian binary tree SL: 'deb-src' Standard Debian source tree Idx: Debian Source Index Idx: Debian Package Index Idx: Debian Translation Index Idx: Debian dpkg status file Idx: EDSP scenario file
更新:它在Precise 12.04.3上的工作方式相同
root@support:/etc/apt# uname -a Linux support 3.8.0-30-generic #44~precise1-Ubuntu SMP Fri Aug 23 17:33:45 UTC 2013 i686 i686 i386 GNU/Linux root@support:/etc/apt# lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 12.04.3 LTS Release: 12.04 Codename: precise root@support:/etc/apt# apt-get --version apt 0.8.16~exp12ubuntu10.14 for i386 compiled on Sep 8 2013 03:26:42
1st – 清除apt配置文件
我清除了/etc/apt/apt.conf的代理设置。 我还对所有文件和子目录/etc/apt进行了ack和ag扫描,以确保apt配置文件中没有代理集。
默认情况下, {http_proxy,https_proxy,ftp_proxy} env变量未设置。
apt-get无法连接到更新服务器。
root@raring:~# apt-get -o Debug::Acquire::http=true update 0% [Connecting to au.archive.ubuntu.com (202.158.214.106)] [Connecting to security.ubuntu.com (91.189.91.13)] [Connecting to ppa.launchpad.net (91.189.95.83)]
第二 – 设置环境变量
只需设置代理变量即可
export {http_proxy,https_proxy,ftp_proxy}="http://10.xxx.xxx.231:80"
apt-get现在能够连接!
查看调试输出(这是我从未尝试过的)。
root@raring:~# apt-get -o Debug::Acquire::http=true update 0% [Working]GET http://security.ubuntu.com/ubuntu/dists/raring-security/Release.gpg HTTP/1.1 Host: security.ubuntu.com Cache-Control: max-age=0 User-Agent: Debian APT-HTTP/1.3 (0.9.7.7ubuntu4) GET http://au.archive.ubuntu.com/ubuntu/dists/raring/Release.gpg HTTP/1.1 Host: au.archive.ubuntu.com Cache-Control: max-age=0 User-Agent: Debian APT-HTTP/1.3 (0.9.7.7ubuntu4) GET http://ppa.launchpad.net/git-core/ppa/ubuntu/dists/raring/Release.gpg HTTP/1.1 Host: ppa.launchpad.net Cache-Control: max-age=0 User-Agent: Debian APT-HTTP/1.3 (0.9.7.7ubuntu4) HTTP/1.1 200 OK Date: Fri, 27 Sep 2013 12:12:20 GMT ETag: "16e20bb4-3a5-4db2e154a1dc0" Server: Apache/2.2.3 (Red Hat) Content-Type: text/plain; charset=UTF-8 Accept-Ranges: bytes Last-Modified: Thu, 25 Apr 2013 11:54:39 GMT Content-Length: 933 Proxy-Connection: Keep-Alive Get:1 http://au.archive.ubuntu.com raring Release.gpg [933 B] 0% [1 Release.gpg 0 B/933 B 0%] [Waiting for headers] [Waiting for headers]GET http://au.archive.ubuntu.com/ubuntu/dists/raring-updates/Release.gpg HTTP/1.1 Host: au.archive.ubuntu.com Cache-Control: max-age=0 User-Agent: Debian APT-HTTP/1.3 (0.9.7.7ubuntu4) 99% [Waiting for headers] [Waiting for headers]HTTP/1.1 200 OK Date: Fri, 27 Sep 2013 12:12:20 GMT ETag: "16e20ee7-3a5-4e7594ace9200" Server: Apache/2.2.3 (Red Hat) Content-Type: text/plain; charset=UTF-8 Accept-Ranges: bytes Last-Modified: Fri, 27 Sep 2013 08:30:00 GMT Content-Length: 933 Proxy-Connection: Keep-Alive Get:2 http://au.archive.ubuntu.com raring-updates Release.gpg [933 B] 50% [2 Release.gpg 0 B/933 B 0%] [Waiting for headers] [Waiting for headers]GET http://au.archive.ubuntu.com/ubuntu/dists/raring-backports/Release.gpg HTTP/1.1 Host: au.archive.ubuntu.com Cache-Control: max-age=0 User-Agent: Debian APT-HTTP/1.3 (0.9.7.7ubuntu4) 100% [Waiting for headers] [Waiting for headers]HTTP/1.1 200 OK Date: Fri, 27 Sep 2013 12:12:21 GMT ETag: "16e0083d-3a5-4e6844f477fc0" Server: Apache/2.2.3 (Red Hat) Content-Type: text/plain; charset=UTF-8 Accept-Ranges: bytes Last-Modified: Mon, 16 Sep 2013 18:24:07 GMT Content-Length: 933 Proxy-Connection: Keep-Alive Get:3 http://au.archive.ubuntu.com raring-backports Release.gpg [933 B] 67% [3 Release.gpg 0 B/933 B 0%] [Waiting for headers] [Waiting for headers]HTTP/1.1 200 OK Date: Fri, 27 Sep 2013 12:12:20 GMT ETag: "3a5-4e75c5d969600" Server: Apache/2.2.22 (Ubuntu) Expires: Fri, 27 Sep 2013 13:05:00 GMT Accept-Ranges: bytes Cache-Control: max-age=3159, s-maxage=3300, proxy-revalidate Last-Modified: Fri, 27 Sep 2013 12:10:00 GMT Content-Length: 933 Proxy-Connection: Keep-Alive
……
3 – 取消设置环境变量
取消设置env vars => unset {http_proxy,https_proxy,ftp_proxy}
现在apt-get无法连接。
结论
就像man apt.conf所说的那样,如果没有设置http :: Proxy,将使用http_proxy环境变量。
BTW :我也是Arch Linux用户。 Pacman以类似的方式工作,如果我不在pacman.conf使用wget或curl with proxy,它将使用`{http_proxy,https_proxy,ftp_proxy}’环境变量。
更新 sudo不会保留环境变量。 这就是sudo apt-get update失败的原因。 要解决此问题(保留代理环境变量),请使用sudo -E apt-get update 。