Ubuntu
nginx 連接被遠端拒絕,但 localhost 連接
我的 Ubuntu Server 20.04 LTS 有一個奇怪的問題
背景簡介:
我安裝了 nginx 並且在設置letsencrypt時遇到了很多麻煩。嘗試使用靜態提供的文件進行此操作,它不斷表示連接被拒絕。我恢復到原來的 nginx 預設配置,從 localhost 我看到 HTML 中的頁面內容“歡迎使用 NGINX”,但是從多個外部來源,我不斷收到連接被拒絕。
配置 預設NGINX配置(直接複製+粘貼)
server { listen 80 default_server; listen [::]:80 default_server; root /var/www/html; index index.html index.htm index.nginx-debian.html; server_name _; try_files $uri $uri/ =404; # proxy_pass http://localhost:8080; # proxy_http_version 1.1; # proxy_set_header Upgrade $http_upgrade; # proxy_set_header Connection 'upgrade'; # proxy_set_header Host $host; # proxy_cache_bypass $http_upgrade; } }
使用 curl,我嘗試從遠端站點連接到埠 80:
curl http://my-domain.com
回應
curl: (7) Failed to connect to my-domain.com port 80: Connection refused
其他資訊:
添加到啟用站點的活動 NGINX 配置
blms@my-domain:/etc/nginx/sites-enabled$ ls -la total 8 drwxr-xr-x 2 root root 4096 Sep 28 03:57 . drwxr-xr-x 8 root root 4096 Sep 28 03:29 .. lrwxrwxrwx 1 root root 34 Sep 28 03:57 default -> /etc/nginx/sites-available/default
Nginx 服務狀態:活動(未報告錯誤)
blms@my-domain:~$ sudo systemctl status nginx ● nginx.service - A high performance web server and a reverse proxy server Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2020-09-28 03:57:26 UTC; 6min ago Docs: man:nginx(8) Process: 2901 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Process: 2912 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Main PID: 2913 (nginx) Tasks: 2 (limit: 1074) Memory: 2.6M CGroup: /system.slice/nginx.service ├─2913 nginx: master process /usr/sbin/nginx -g daemon on; master_process on; └─2914 nginx: worker process Sep 28 03:57:25 my-domain.com systemd[1]: Starting A high performance web server and a reverse proxy server... Sep 28 03:57:26 my-domain.com systemd[1]: Started A high performance web server and a reverse proxy server.
已確認 HTTP Server 在埠 80 上偵聽:
blms@my-domain:~$ sudo ss -tlp | grep http LISTEN 0 511 0.0.0.0:http 0.0.0.0:* users:(("nginx",pid=2914,fd=6),("nginx",pid=2913,fd=6)) LISTEN 0 511 [::]:http [::]:* users:(("nginx",pid=2914,fd=7),("nginx",pid=2913,fd=7))
iptables 允許所有連接
blms@my-domain:~$ sudo iptables -L -v Chain INPUT (policy ACCEPT 2936 packets, 238K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 2567 packets, 393K bytes) pkts bytes target prot opt in out source destination
坦率地說,我很困惑。我也重啟了也沒用。
有什麼建議麼?
更新
使用 IP 地址捲曲
curl x.y.z.a:80 % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- 0:00:03 --:--:-- 0 curl: (7) Failed to connect to x.y.z.a port 80: Connection refused
在伺服器本身上捲曲 localhost
curl localhost <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html>
問題的原因是我自己的原因之一。
問題是我沒有刷新我的 NAT 表。我使用
iptables -F -t nat
. 這解決了問題。我將這個答案留在這裡,希望它可以幫助其他人。