阿里云添加的安全组端口以及添加后无法访问问题排查
<p><strong>目的:</strong></p>
<p>
1、为了通过阿里云服务器做服务器的外网映射而需要在阿里云服务器添加安全组端口外网访问</p>
<p>
2、解决偶然发现添加安全组端口后,还是无法访问的解决方案</p>
<p>
<strong>前置条件:</strong><br>
1、设置阿里云安全组端口<br>
2、在本机cmd下,telnet IP+端口 (注:ip 后面是空格 + 端口号),如果通则万事大吉,如果不通,则进行排查方案</p>
<p>
<img title="阿里云添加的安全组端口以及添加后无法访问问题排查" alt="阿里云添加的安全组端口以及添加后无法访问问题排查" src="https://zhuji.jb51.net/uploads/img/202305/095a0dc6e86fb482819af19c7a34414c.jpg"></p>
<p>
<img title="阿里云添加的安全组端口以及添加后无法访问问题排查" alt="阿里云添加的安全组端口以及添加后无法访问问题排查" src="https://zhuji.jb51.net/uploads/img/202305/5232afea3c70eb12fc9a15a8861cc54f.jpg"></p>
<p>
<img title="阿里云添加的安全组端口以及添加后无法访问问题排查" alt="阿里云添加的安全组端口以及添加后无法访问问题排查" src="https://zhuji.jb51.net/uploads/img/202305/3d873008245740da42f4451999227e24.jpg"></p>
<p>
<img title="阿里云添加的安全组端口以及添加后无法访问问题排查" alt="阿里云添加的安全组端口以及添加后无法访问问题排查" src="https://zhuji.jb51.net/uploads/img/202305/27f2de4655a62e801533831c4c9cb7ae.jpg"></p>
<p>
<img title="阿里云添加的安全组端口以及添加后无法访问问题排查" alt="阿里云添加的安全组端口以及添加后无法访问问题排查" src="https://zhuji.jb51.net/uploads/img/202305/350769a34621954fd0de7b7953bcdab8.jpg">排查方案(如有新的排查方向,后续补上):</p>
<p>
1.发现telnet不通的话,则考虑是否服务器防火墙的问题</p>
<p>
1)查看所有信息,看添加的端口是否存在(注:ports后面的就是开放的对应端口)</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_924899">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
<div class="line number5 index4 alt2">
5</div>
<div class="line number6 index5 alt1">
6</div>
<div class="line number7 index6 alt2">
7</div>
<div class="line number8 index7 alt1">
8</div>
<div class="line number9 index8 alt2">
9</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># firewall-cmd --list-all #注意权限问题</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash spaces"> </code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">public (active)</code>
</div>
<div class="line number4 index3 alt1">
<code class="bash spaces"> </code><code class="bash plain">target: default</code>
</div>
<div class="line number5 index4 alt2">
<code class="bash spaces"> </code><code class="bash plain">icmp-block-inversion: no</code>
</div>
<div class="line number6 index5 alt1">
<code class="bash spaces"> </code><code class="bash plain">interfaces: eth0</code>
</div>
<div class="line number7 index6 alt2">
<code class="bash spaces"> </code><code class="bash plain">sources:</code>
</div>
<div class="line number8 index7 alt1">
<code class="bash spaces"> </code><code class="bash plain">services: dhcpv6-client</code>
</div>
<div class="line number9 index8 alt2">
<code class="bash spaces"> </code><code class="bash plain">ports: 1130</code><code class="bash plain">/tcp</code> <code class="bash plain">80</code><code class="bash plain">/tcp</code> <code class="bash plain">10051</code><code class="bash plain">/tcp</code> <code class="bash plain">5672</code><code class="bash plain">/tcp</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
2)没有的话添加,例如添加18002端口</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_511129">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments">#firewall-cmd --zone=public --add-port=18002/tcp --permanent</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
说明:<br>
–zone #作用域<br>
–add-port=80/tcp #添加端口,格式为:端口/通讯协议<br>
–permanent 永久生效,没有此参数重启后失效</p>
<p>
其它操作:</p>
<p>
添加多个端口:</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_99967">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">firewall-cmd --zone=public --add-port=80-90</code><code class="bash plain">/tcp</code> <code class="bash plain">--permanent</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash comments">#删除</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">firewall-cmd --zone=public --remove-port=80</code><code class="bash plain">/tcp</code> <code class="bash plain">--permanent</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
3)重启防火墙</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_906160">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments">#firewall-cmd --reload</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
4)再次查看端口是否打开(如打开后,则完美解决)</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_57447">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
<div class="line number5 index4 alt2">
5</div>
<div class="line number6 index5 alt1">
6</div>
<div class="line number7 index6 alt2">
7</div>
<div class="line number8 index7 alt1">
8</div>
<div class="line number9 index8 alt2">
9</div>
<div class="line number10 index9 alt1">
10</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># firewall-cmd --list-all</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">public (active)</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash spaces"> </code><code class="bash plain">target: default</code>
</div>
<div class="line number4 index3 alt1">
<code class="bash spaces"> </code><code class="bash plain">icmp-block-inversion: no</code>
</div>
<div class="line number5 index4 alt2">
<code class="bash spaces"> </code><code class="bash plain">interfaces: eth0</code>
</div>
<div class="line number6 index5 alt1">
<code class="bash spaces"> </code><code class="bash plain">sources: </code>
</div>
<div class="line number7 index6 alt2">
<code class="bash spaces"> </code><code class="bash plain">services: dhcpv6-client</code>
</div>
<div class="line number8 index7 alt1">
<code class="bash spaces"> </code><code class="bash plain">ports: 1130</code><code class="bash plain">/tcp</code> <code class="bash plain">80</code><code class="bash plain">/tcp</code> <code class="bash plain">10051</code><code class="bash plain">/tcp</code> <code class="bash plain">18002</code><code class="bash plain">/tcp</code> <code class="bash plain">7660</code><code class="bash plain">/tcp</code>
</div>
<div class="line number9 index8 alt2">
<code class="bash spaces"> </code><code class="bash plain">protocols: </code>
</div>
<div class="line number10 index9 alt1">
<code class="bash spaces"> </code><code class="bash plain">masquerade: </code><code class="bash functions">yes</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
防火墙的一些基本命令:</p>
<p>
1:查看防火状态</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_541377">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">systemctl status firewalld</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash spaces"> </code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">service iptables status</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
2:暂时关闭防火墙</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_96990">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">systemctl stop firewalld</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">service iptables stop</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
3:永久关闭防火墙</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_720151">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">systemctl disable firewalld</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">chkconfig iptables off</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
4:重启防火墙</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_362680">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">systemctl </code><code class="bash functions">enable</code> <code class="bash plain">firewalld</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">service iptables restart</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
5:启动防火墙</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_705158">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash functions">sudo</code> <code class="bash plain">systemctl start firewalld</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
到此这篇关于阿里云添加的安全组端口以及添加后无法访问问题排查的文章就介绍到这了,更多相关阿里云添加的安全组端口内容请搜索服务器之家以前的文章或继续浏览下面的相关文章希望大家以后多多支持服务器之家!</p>
<p>
原文链接:https://www.cnblogs.com/Force-testers/p/12517778.html</p>
頁:
[1]