Linux
連接到遠端伺服器上的 sphinx
我最近將 sphinx 移動到與我們的數據庫相同的伺服器上,所以我們的架構是:
- 託管我們的網路應用程序的文件伺服器
- 帶 Sphinx 實例的數據庫伺服器(搜尋)
當我嘗試連接到 sphinx 時,
ip.to.db.server
出現以下錯誤:
Sphinx response connection to ip.to.db.server:9312 failed (errno=113, msg=No route to host)
為了讓我的網路應用程序可以訪問埠 9312,我需要做些什麼特別的事情嗎?
目前
TCP
埠LISTEN
:tcp 0 0 0.0.0.0:9306 0.0.0.0:* LISTEN 23496/searchd tcp 0 0 0.0.0.0:9312 0.0.0.0:* LISTEN 23496/searchd
輸出
iptables -L
:Chain INPUT (policy ACCEPT) target prot opt source destination fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh RH-Firewall-1-INPUT all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain RH-Firewall-1-INPUT (2 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:ssh /* SSH */ ACCEPT tcp -- anywhere anywhere tcp dpt:lmsocialserver /* monit */ ACCEPT tcp -- anywhere anywhere tcp dpt:https /* HTTPS */ ACCEPT tcp -- anywhere anywhere tcp dpt:webcache /* HTTPProxy */ ACCEPT tcp -- anywhere anywhere tcp dpt:http /* HTTP */ ACCEPT tcp -- anywhere anywhere tcp dpt:mysql /* MySQL */ ACCEPT all -- ipremoved_by_poster anywhere /* Rackspace monitoring */ ACCEPT all -- ipremoved_by_poster anywhere /* Rackspace monitoring */ ACCEPT all -- ipremoved_by_poster anywhere /* Rackspace monitoring */ ACCEPT all -- ipremoved_by_poster anywhere /* Rackspace monitoring */ ACCEPT all -- ipremoved_by_poster anywhere /* Rackspace monitoring */ ACCEPT all -- ipremoved_by_poster anywhere /* Rackspace monitoring */ ACCEPT all -- ipremoved_by_poster anywhere /* Rackspace monitoring */ ACCEPT all -- anywhere anywhere /* localhost */ ACCEPT icmp -- anywhere anywhere icmp any /* ping */ ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain fail2ban-ssh (1 references) target prot opt source destination RETURN all -- anywhere anywhere
到目前為止,我已經做了很多搜尋,但沒有運氣。任何幫助深表感謝。
和
問題是
IPTABLES
阻止我的遠端連接,所以我添加了兩行以確保安全:
vi /etc/sysconfig/iptables
添加以下行:
-A RH-Firewall-1-INPUT -i eth1 -p tcp -m tcp --dport 9312 -m comment --comment "Sphinx" -j ACCEPT -A RH-Firewall-1-INPUT -s your.remote.ip.address/32 -i eth0 -p tcp -m tcp --dport 9312 -j ACCEPT
將埠調整
9312
為您有 sphinx 偵聽的埠。然後我跑了
service iptables restart
,獅身人面像開始了!感謝@mdpc 和@sciurus 為我指明了正確的方向。
NOTE:
Rackspace 使用RH-Firewall-1-INPUT
,但您可能需要使用 justINPUT
或其他東西