"connect ECONNREFUSED[PORT]" error when attempting to establish a connection to a local target in Docker environments

  • macOS and Windows (Docker >=18)

When working with Docker 18 and above on macOS and Windows, you can establish a connection with a local target by referencing host.docker.internal, which points to the localhost. Instead of using http://localhost:9000, utilize http://host.docker.internal:9000.

For details, refer to the documentation: Explore networking features on Docker Desktop.

  • Linux with host Network Mode

Linux users can also use the host network mode through the --net parameter. This mode allows your Docker container to share the host's network stack. To use this mode:

docker run --rm -it --net=host --name bright-cli brightsec/cli repeater [options]

By doing so, the IP address within your Docker container will correspond to your Docker host.

For details, refer to the documentation at Host network driver.

  • Docker-for-Linux >=20 with host.docker.internal:

If you're using Docker-for-Linux 20.x, you can also employ the host.docker.internal hostname. However, this requires starting your container with the --add-host host.docker.internal:host-gateway option:

docker run --rm -it --add-host host.docker.internal:host-gateway --name bright-cli brightsec/cli repeater [options]

For details, refer to the documentation at: Support host.docker.internal DNS name to host · Issue #264 · docker/for-linux.

Cannot load "./path/to/your-script.js" error when attempting to load scripts within a Docker container

The docker container has no direct access to these file systems. For instance, attempting to access hmac.js using this command would fail, even if the file exists in the current working directory:

docker run --rm -it --name bright-cli brightsec/cli repeater --id <id> --token <token> --scripts '{"example.com": "./hmac.js"}'

To grant the Docker container access to a file or directory on the host machine, you must bind mounts using either the -v or --mount options, as shown below (Bind mounts):

docker run --rm -it -v "$(pwd)"/hmac.js:/home/node/hmac.js --name bright-cli brightsec/cli repeater --id <id> --token <token> --scripts '{"example.com": "/home/node/hmac.js"}
docker run --rm -it --mount type=bind,source="$(pwd)"/hmac.js,target=/home/node/hmac.js --name bright-cli brightsec/cli repeater --id <id> --token <token> --scripts '{"example.com": "/home/node/hmac.js"}'

Keep in mind that the working directory is /, requiring you to specify the absolute path to hmac.js. However, you can change the working directory using the -w option as follows:

docker run --rm -it -w -v "$(pwd)"/hmac.js:/home/node/hmac.js -w /home/node  --name bright-cli brightsec/cli repeater --id <id> --token <token> --scripts '{"example.com": "./hmac.js"}'

Docker Desktop allows sharing some directories by default (e.g. /Users on Mac), for details refer to the documentation: