最近遇到一个郁闷的问题。好几天都没解决,求助,谢谢大家。
打算开放一个端口15900。可是无论怎么设置防火墙,或者干脆关闭防火墙。就是不能被外部机器访问(在同一内网网段机器)。
本机访问没有问题(127.0.0.1)。防火墙配置应该也没有问题。
iptables status:
代码:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:15900
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
输入lsof -i 显示如下信息。
代码:
ntpd 1640 ntp 21u IPv4 13492 0t0 UDP 192.168.2.111:ntp
master 1720 root 12u IPv4 13709 0t0 TCP localhost.localdomain:smtp (LISTEN)
httpd 1730 root 4u IPv6 13843 0t0 TCP *:http (LISTEN)
httpd 1737 apache 4u IPv6 13843 0t0 TCP *:http (LISTEN)
httpd 1738 apache 4u IPv6 13843 0t0 TCP *:http (LISTEN)
httpd 1739 apache 4u IPv6 13843 0t0 TCP *:http (LISTEN)
httpd 1740 apache 4u IPv6 13843 0t0 TCP *:http (LISTEN)
httpd 1741 apache 4u IPv6 13843 0t0 TCP *:http (LISTEN)
httpd 1742 apache 4u IPv6 13843 0t0 TCP *:http (LISTEN)
httpd 1743 apache 4u IPv6 13843 0t0 TCP *:http (LISTEN)
httpd 1744 apache 4u IPv6 13843 0t0 TCP *:http (LISTEN)
Xvnc 1776 root 4u IPv4 14282 0t0 TCP localhost.localdomain:15900 (LISTEN)
clock-app 2111 root 21u IPv4 26309 0t0 TCP 192.168.2.111:48606->65.113.31.147:http (CLOSE_WAIT)
sshd 2281 root 3r IPv4 20572 0t0 TCP 192.168.2.111:ssh->192.168.2.61:57678 (ESTABLISHED)
192.168.2.111是当机IP
可以看出来,80端口,21,22都没问题。但就是自己后来添加上来的端口不能访问。是没有与服务绑定么?
关键这句“localhost.localdomain:15900 (LISTEN) ”
防火墙关闭,SElinux关闭还是不能解决问题
解决!VNC配置问题。居然没看清楚。郁闷。。。
代码:
VNCSERVERS="1:root"
VNCSERVERARGS[1]="-geometry 800x600 -nolisten tcp -localhost"
问题出在localhost,删掉-nolisten tcp -localhost 解决