如何解决LInux iptables firewalld问题吗?无法从php连接到elasticsearch集群中找不到活动节点
一切都还好,但是我在防火墙和iptables中添加了一些内容,并且服务器消失了:))
不,我对elastticsearch有问题 在本地(在服务器上)都可以(卷曲返回数据可以),但是似乎php无法在端口上连接,elasticsearch错误类似于弹性关闭或无法连接:在群集中找不到活动节点
哪里有问题? 谢谢
netstat -a -o -n | grep LISTEN
tcp 0 0 0.0.0.0:11211 0.0.0.0:* LISTEN off (0.00/0/0)
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN off (0.00/0/0)
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN off (0.00/0/0)
tcp6 0 0 :::7786 :::* LISTEN off (0.00/0/0)
tcp6 0 0 :::3306 :::* LISTEN off (0.00/0/0)
tcp6 0 0 :::11211 :::* LISTEN off (0.00/0/0)
tcp6 0 0 :::7788 :::* LISTEN off (0.00/0/0)
tcp6 0 0 :::111 :::* LISTEN off (0.00/0/0)
tcp6 0 0 :::80 :::* LISTEN off (0.00/0/0)
tcp6 0 0 127.0.0.1:9200 :::* LISTEN off (0.00/0/0)
tcp6 0 0 127.0.0.1:9300 :::* LISTEN off (0.00/0/0)
tcp6 0 0 :::21 :::* LISTEN off (0.00/0/0)
tcp6 0 0 :::22 :::* LISTEN off (0.00/0/0)
tcp6 0 0 :::443 :::* LISTEN keepalive (0.85/0/0)
unix 2 [ ACC ] STREAM LISTENING 9729 /run/systemd/private
unix 2 [ ACC ] STREAM LISTENING 13343 /run/systemd/journal/stdout
unix 2 [ ACC ] SEQPACKET LISTENING 21564 /run/udev/control
unix 2 [ ACC ] STREAM LISTENING 40079 /var/lib/mysql/mysql.sock
unix 2 [ ACC ] STREAM LISTENING 21635 /run/lvm/lvmpolld.socket
unix 2 [ ACC ] STREAM LISTENING 22167 /var/run/abrt/abrt.socket
unix 2 [ ACC ] STREAM LISTENING 21708 /run/lvm/lvmetad.socket
unix 2 [ ACC ] STREAM LISTENING 20702 /var/run/lsm/ipc/sim
unix 2 [ ACC ] STREAM LISTENING 20704 /var/run/lsm/ipc/simc
unix 2 [ ACC ] STREAM LISTENING 10723 /var/run/rpcbind.sock
unix 2 [ ACC ] STREAM LISTENING 10727 /var/run/dbus/system_bus_socket
iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N FORWARD_IN_ZONES
-N FORWARD_IN_ZONES_SOURCE
-N FORWARD_OUT_ZONES
-N FORWARD_OUT_ZONES_SOURCE
-N FORWARD_direct
-N FWDI_public
-N FWDI_public_allow
-N FWDI_public_deny
-N FWDI_public_log
-N FWDO_public
-N FWDO_public_allow
-N FWDO_public_deny
-N FWDO_public_log
-N INPUT_ZONES
-N INPUT_ZONES_SOURCE
-N INPUT_direct
-N IN_public
-N IN_public_allow
-N IN_public_deny
-N IN_public_log
-N OUTPUT_direct
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j INPUT_direct
-A INPUT -j INPUT_ZONES_SOURCE
-A INPUT -j INPUT_ZONES
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -j FORWARD_direct
-A FORWARD -j FORWARD_IN_ZONES_SOURCE
-A FORWARD -j FORWARD_IN_ZONES
-A FORWARD -j FORWARD_OUT_ZONES_SOURCE
-A FORWARD -j FORWARD_OUT_ZONES
-A FORWARD -m conntrack --ctstate INVALID -j DROP
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -j OUTPUT_direct
-A FORWARD_IN_ZONES -g FWDI_public
-A FORWARD_OUT_ZONES -g FWDO_public
-A FWDI_public -j FWDI_public_log
-A FWDI_public -j FWDI_public_deny
-A FWDI_public -j FWDI_public_allow
-A FWDI_public -p icmp -j ACCEPT
-A FWDO_public -j FWDO_public_log
-A FWDO_public -j FWDO_public_deny
-A FWDO_public -j FWDO_public_allow
-A INPUT_ZONES -g IN_public
-A IN_public -j IN_public_log
-A IN_public -j IN_public_deny
-A IN_public -j IN_public_allow
-A IN_public -p icmp -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 9200 -m conntrack --ctstate NEW -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 9300 -m conntrack --ctstate NEW -j ACCEPT
也停止在Java应用中使用逆向代理
<VirtualHost *:80>
ServerName example.com
ProxyPass / http://127.0.0.1:7735/
ProxyPassReverse / http://127.0.0.1:7735/
RewriteEngine on
</VirtualHost>
并且php连接到mysql跨主机127.0.0.1也不起作用,但是从php跨本地主机连接是可以的
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。