如何从主机系统连接到来宾 VM?
我有一个虚拟机网络服务器设置,我已经安装并启动了 Apache。VM 具有桥接网络接口,可以使用 192.168.0.2 从主机 ping 通。
但是,如果我在主机上的浏览器中键入相同的 IP 地址,我希望看到在 VM 上生成的默认 apache 页面,但相反,我进入can't connect to 192.168.0.2了主机浏览器。
我显然错过了一些东西。有谁知道我错过了什么或做错了什么?
虚拟机输出 netstat -tnlp
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 950/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1026/master
tcp 0 0 :::22 :::* LISTEN 904/sshd
tcp 0 0 ::1:25 :::* LISTEN 980/master
粗略地画出我认为网络活动/连接的样子。
slm*_*slm 14
问题 #1 - VM 网络类型
有3种网络模式:
- 网络地址转换
- 仅限主机
- 桥接
有关设置它们的详细信息
- 这个 AU 问答题为:“在 VirtualBox 中,我如何设置可以访问 Internet 的仅主机虚拟机? ”,展示了如何做 #2。
- 这篇题为“如何设置 VirtualBox 来宾添加和网络”的文章展示了如何做 #3。
什么时候使用?
- #1:用于开发其他服务器上的 Facebook/web 应用程序
- #2:如果你想构建自己的应用程序,并从 VirtualBox 主机(不仅仅是来宾 VM)测试它
- #3: If you want to build an app and test it from other systems on LAN
Issue #2 - firewall blocking?
Depending on which distro you're using, the firewall might be blocking your web browser from accessing your Apache instance. This would make sense given you're able to ping the system, but not access it via port 80, which is the port that Apache is listening on.
temporarily disabling it
On CentOS you use this command to disable it.
$ /etc/init.d/iptables stop
check that Apache's listening
You can also confirm that it's listening on this port.
$ netstat -antp | grep :80 | head -1 | column -t
tcp 0 0 :::80 :::* LISTEN 3790/httpd
confirm firewall's off
The firewall can be confirmed that it's wide open.
$ iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
If this solves your issue then you can permanently add a rule that allows traffic in via TCP port 80.
adding a rule for TCP port 80
$ /etc/init.d/iptables restart
$ iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
$ /etc/init.d/iptables save
NOTE: This will make the rule persist between reboots.
firewall is accepting TCP port 80
A system that has the port 80 open would look something like this:
$ iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:8834
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Issue #3 - Apache listening?
In the above issue we saw that Apache was listening, but sometimes it's mis-configured so that it's only listening on 1 IP address, or that it's listening on a different network interface. The command netstat can be used to double check this as well as reviewing the Apache configuration files.
$ netstat -anpt | grep :80 | column -t
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1750/httpd
This shows that Apache is listening on all interfaces (IP 0.0.0.0).
I won't repeat what @Lekensteyn's answer which covers this particular issue in more details here.
References
| 归档时间: |
|
| 查看次数: |
78827 次 |
| 最近记录: |