其他PC无法访问Tomcat URL

Posted 2021-03-31

我正在使用openstack启动Red Hat Enterprise Linux Server 7.5版（Maipo）并在其中安装apache tomcat 9.0.17，部署一个Web应用程序，但是我无法通过我的另一个Windows PC访问这个tomcat url例如http://10.157.166.142:8080在同一个内部网络中。但我可以在linux中使用它。

而且我还添加了以下catalina.sh来绑定ipv4并且在进行此更改之前，它仅绑定到ipv6，但仍然不被其他PC访问

JAVA_OPTS=" $JAVA_OPTS -Djava.net.preferIPv4Stack=true -Djava.net.preferIPv4Addresses=true "

curl -v http://localhost:8080工作正常。

ip：192.168.0.14 elastic ip：10.157.166.142

[root@bigdata]# netstat -tupln | grep :8080
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               
LISTEN      21373/java

[root@bigdata bin]# service iptables status
  Redirecting to /bin/systemctl status iptables.service
  ● iptables.service - IPv4 firewall with iptables
     Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; 
  vendor preset: disabled)
     Active: inactive (dead)

使用tcpdump，我尝试从我的Windows PC访问并获取以下日志：

[root@bigdata docker.service.d]# tcpdump -i eth0 port 8080
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
10:32:07.738897 IP 10.141.174.148.54346 > bigdata.novalocal.webcache: Flags [S], seq 2866917131, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:07.741243 IP 10.141.174.148.54347 > bigdata.novalocal.webcache: Flags [S], seq 3985678636, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:07.990685 IP 10.141.174.148.54350 > bigdata.novalocal.webcache: Flags [S], seq 577076481, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:10.739649 IP 10.141.174.148.54346 > bigdata.novalocal.webcache: Flags [S], seq 2866917131, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:10.741583 IP 10.141.174.148.54347 > bigdata.novalocal.webcache: Flags [S], seq 3985678636, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:10.990666 IP 10.141.174.148.54350 > bigdata.novalocal.webcache: Flags [S], seq 577076481, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:16.738767 IP 10.141.174.148.54346 > bigdata.novalocal.webcache: Flags [S], seq 2866917131, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:16.741559 IP 10.141.174.148.54347 > bigdata.novalocal.webcache: Flags [S], seq 3985678636, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:32:16.990632 IP 10.141.174.148.54350 > bigdata.novalocal.webcache: Flags [S], seq 577076481, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0

[root@bigdata docker.service.d]# lsof -i :8080 | grep LISTEN
java    21373 root   54u  IPv4 90812729      0t0  TCP *:webcache (LISTEN)

答案

检查防火墙规则一次。默认情况下，可能无法打开端口8080。在部署应用程序的计算机上，您必须向iptables添加新规则才能打开该端口。

1. 编辑iptables vi /etc/sysconfig/iptables
2. 添加新规则以打开端口8080，如下所示-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
3. 保存文件并退出esc+:+w+q或检查this link以查看保存更改后如何退出vi编辑器
4. 用/etc/init.d/iptables restart重新加载iptables

另一答案

谢谢Yogesh Badke。并添加以下规则的工作原理。

-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT