技术解析
firewalld 打开即无法访问 nginx, 关闭即可访问 nginx, nginx 在服务器上通过 curl 可以正确显示, 在外网访问即无效
systemctl start firewalld, 外网无法访问, systemctl stop firewalld, 外网即可访问.
外网访问
➜ ~ curl -v http://39.107.204.247:80
* Rebuilt URL to: http://39.107.204.247:80/
* Trying 39.107.204.247...
* TCP_NODELAY set
* Connected to 39.107.204.247 (39.107.204.247) port 80 (#0)
> GET / HTTP/1.1
> Host: 39.107.204.247
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 302
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 08:00:00 CST
< Location: https://39.107.204.247/
< Content-Length: 0
< Date: Thu, 11 Oct 2018 01:54:33 GMT
<
* Connection #0 to host 39.107.204.247 left intact
➜ ~
[[email protected] ~]# curl -v http://39.107.204.247:80
* About to connect() to 39.107.204.247 port 80 (#0)
* Trying 39.107.204.247...
* Connected to 39.107.204.247 (39.107.204.247) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: 39.107.204.247
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx/1.12.2
< Date: Thu, 11 Oct 2018 01:55:06 GMT
< Content-Type: text/html
< Content-Length: 3700
< Last-Modified: Tue, 06 Mar 2018 09:26:21 GMT
< Connection: keep-alive
< ETag: "5a9e5ebd-e74"
< Accept-Ranges: bytes
<
....省略 html 内容
[[email protected] ~]# firewall-cmd --list-all
public
target: default
icmp-block-inversion: no
interfaces:
sources:
services: ssh dhcpv6-client http https mysql
ports: 80/tcp 443/tcp 3306/tcp 3611/tcp 9000/tcp
protocols:
masquerade: no
forward-ports: port=80:proto=tcp:toport=8080:toaddr=
port=443:proto=tcp:toport=8443:toaddr=
source-ports:
icmp-blocks:
rich rules:
[[email protected] ~]# ps -ef|grep nginx
root 20510 1 0 10 月 10 ? 00:00:00 nginx: master process /usr/sbin/nginx
nginx 20511 20510 0 10 月 10 ? 00:00:00 nginx: worker process
nginx 20512 20510 0 10 月 10 ? 00:00:00 nginx: worker process
root 23573 23536 0 10:00 pts/0 00:00:00 grep --color=auto nginx
想不出来啥原因, 请大佬指点
备注: 此台服务器还有一个 java 程序, 关闭 firewalld 则无法访问该程序, 但把该 java 程序关闭掉, 现象也是和上面一样, 所以应该不是该 java 程序的原因