我正在使用openstack启动Red Hat Enterprise Linux Server 7.5版(Maipo)并在其中安装apache tomcat 9.0.17,部署一个Web应用程序,但是我无法通过我的另一个Windows PC访问这个tomcat url例如http://10.157.166.142:8080在同一个内部网络中。但我可以在linux中使用它。
而且我还添加了以下catalina.sh来绑定ipv4并且在进行此更改之前,它仅绑定到ipv6,但仍然不被其他PC访问
JAVA_OPTS=" $JAVA_OPTS -Djava.net.preferIPv4Stack=true -Djava.net.preferIPv4Addresses=true "
curl -v http://localhost:8080工作正常。
ip:192.168.0.14 elastic ip:10.157.166.142
[root@bigdata]# netstat -tupln | grep :8080
tcp 0 0 0.0.0.0:8080 0.0.0.0:*
LISTEN 21373/java
[root@bigdata bin]# service iptables status
Redirecting to /bin/systemctl status iptables.service
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled;
vendor preset: disabled)
Active: inactive (dead)
使用tcpdump,我尝试从我的Windows PC访问并获取以下日志:
[root@bigdata docker.service.d]# tcpdump -i eth0 port 8080
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
10:32:07.738897 IP 10.141.174.148.54346 > bigdata.novalocal.webcache: Flags [S], seq 2866917131, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:07.741243 IP 10.141.174.148.54347 > bigdata.novalocal.webcache: Flags [S], seq 3985678636, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:07.990685 IP 10.141.174.148.54350 > bigdata.novalocal.webcache: Flags [S], seq 577076481, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:10.739649 IP 10.141.174.148.54346 > bigdata.novalocal.webcache: Flags [S], seq 2866917131, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:10.741583 IP 10.141.174.148.54347 > bigdata.novalocal.webcache: Flags [S], seq 3985678636, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:10.990666 IP 10.141.174.148.54350 > bigdata.novalocal.webcache: Flags [S], seq 577076481, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:16.738767 IP 10.141.174.148.54346 > bigdata.novalocal.webcache: Flags [S], seq 2866917131, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:16.741559 IP 10.141.174.148.54347 > bigdata.novalocal.webcache: Flags [S], seq 3985678636, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:16.990632 IP 10.141.174.148.54350 > bigdata.novalocal.webcache: Flags [S], seq 577076481, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
[root@bigdata docker.service.d]# lsof -i :8080 | grep LISTEN
java 21373 root 54u IPv4 90812729 0t0 TCP *:webcache (LISTEN)
检查防火墙规则一次。默认情况下,可能无法打开端口8080。在部署应用程序的计算机上,您必须向iptables添加新规则才能打开该端口。
vi /etc/sysconfig/iptables-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPTesc+:+w+q或检查this link以查看保存更改后如何退出vi编辑器/etc/init.d/iptables restart重新加载iptables谢谢Yogesh Badke。并添加以下规则的工作原理。
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT