Al *_*Che 13 linux ubuntu port localhost
我正在运行nginx服务器(与哪个服务器无关):
$ sudo netstat -tulpn | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 4268/nginx
tcp6 0 0 :::80 :::* LISTEN 4268/nginx
然后我将请求发送到 127.0.0.1
$ curl -v 127.0.0.1
* Rebuilt URL to: 127.0.0.1/
* Hostname was NOT found in DNS cache
* Trying 127.0.0.1...
* connect to 127.0.0.1 port 80 failed: Connection refused
* Failed to connect to 127.0.0.1 port 80: Connection refused
* Closing connection 0
curl: (7) Failed to connect to 127.0.0.1 port 80: Connection refused
$ telnet localhost 80
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
在/etc/hosts 中一切正常:
127.0.1.1 ubuntu-work
127.0.0.1 localhost
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
iptables禁用$ sudo iptables -L:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
有趣的是,我可以连接到任何地址 127 .. .* 除了 127.0.0.1 (localhost)。而且我还可以连接到我的子网 IP 地址 10.0.2.15。如果我在服务器配置中将端口 80 更改为另一个端口(例如 Listen 88),它就可以工作。
我尝试$ sudo nmap -sS 127.0.0.1 -p 80并得到信息 - 80/tcp closed,但是如果在端口 80 上运行 nginx 服务器怎么可能?
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00011s latency).
PORT STATE SERVICE
80/tcp closed http
Nmap done: 1 IP address (1 host up) scanned in 1.12 seconds
环回接口已启动: $ ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:86:5f:e3
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe86:5fe3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:588 errors:0 dropped:0 overruns:0 frame:0
TX packets:616 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:262986 (262.9 KB) TX bytes:103011 (103.0 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:276 errors:0 dropped:0 overruns:0 frame:0
TX packets:276 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:32750 (32.7 KB) TX bytes:32750 (32.7 KB)
其他 iptables 表
的输出$ sudo iptables -t nat -nvL:
Chain PREROUTING (policy ACCEPT 1 packets, 40 bytes)
pkts bytes target prot opt in out source destination
0 0 REDIRECT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 20559
0 0 REDIRECT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 redir ports 20558
Chain INPUT (policy ACCEPT 1 packets, 40 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 1043 packets, 65731 bytes)
pkts bytes target prot opt in out source destination
0 0 REDIRECT tcp -- * * 0.0.0.0/0 127.0.0.1 tcp dpt:80 redir ports 20559
0 0 REDIRECT tcp -- * * 0.0.0.0/0 127.0.0.1 tcp dpt:443 redir ports 20558
Chain POSTROUTING (policy ACCEPT 1043 packets, 65731 bytes)
pkts bytes target prot opt in out source destination
我没有得到任何输出sudo iptables -t mangle -nVL,只有版本:iptables v1.4.21
输出 sudo iptables -t mangle -nL
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
如果您对什么阻止 localhost:80 有任何想法,请帮助我。
Mic*_*ton 12
没有什么会阻止端口 80。您只是有防火墙 NAT 规则,这些规则会将到该端口的连接重定向到其他未打开的端口。
Chain PREROUTING (policy ACCEPT 1 packets, 40 bytes)
pkts bytes target prot opt in out source destination
0 0 REDIRECT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 20559
0 0 REDIRECT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 redir ports 20558
Chain OUTPUT (policy ACCEPT 1043 packets, 65731 bytes)
pkts bytes target prot opt in out source destination
0 0 REDIRECT tcp -- * * 0.0.0.0/0 127.0.0.1 tcp dpt:80 redir ports 20559
0 0 REDIRECT tcp -- * * 0.0.0.0/0 127.0.0.1 tcp dpt:443 redir ports 20558
删除这些规则以解决问题。