似乎无法在Ubuntu EC2实例上打开端口8787或3939,但是22和80打开得很好
似乎无法在Ubuntu EC2实例上打开端口8787或3939,但是22和80打开得很好
提问于 2019-04-02 09:53:07
我读过这个答案,但为了我的一生,我想不出这个答案。
我有一个Ubuntu18 EC2实例运行RStudio服务器和RStudio连接,分别使用默认配置和监听端口8787和3939。
以下是我的配置文件:
ubuntu@EC2:~$ cat /etc/rstudio/rserver.conf
# Server Configuration File
#
#
ubuntu@EC2:~$ sudo cat /etc/rstudio-connect/rstudio-connect.gcfg
; RStudio Connect configuration file
[Server]
; SenderEmail is an email address used by RStudio Connect to send outbound
; email. The system will not be able to send administrative email until this
; setting is configured.
;
; SenderEmail = account@company.com
SenderEmail =
; Address is a public URL for this RStudio Connect server. Must be configured
; to enable features like including links to your content in emails. If
; Connect is deployed behind an HTTP proxy, this should be the URL for Connect
; in terms of that proxy.
;
; Address = https://rstudio-connect.company.com
Address =
[HTTP]
; RStudio Connect will listen on this network address for HTTP connections.
Listen = :3939
[Authentication]
; Specifies the type of user authentication.
Provider = password以下是我尝试过的:
- 为端口8787、3939和我的安全组中的所有TCP端口创建入站规则。
- 检查实例所在的子网的Network
- 确保rstudio-server和rstudio-connect在所有接口上运行和侦听,而不仅仅是本地主机。
ubuntu@EC2:~$ netstat -ltpn
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:8787 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp6 0 0 :::8787 :::* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 :::3939 :::* LISTEN -- 检查ufw是不活动的
ubuntu@EC2:~$ sudo ufw status
Status: inactive- 为端口8787创建了iptable规则
ubuntu@EC2:~$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:8787
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination 我仍然不能从外部进入8787或3939端口。但是,我可以使用Lynx在主机上访问它们。
如果我将RStudio服务器的配置更改为让它使用端口80,则可以从外部访问它,但它不能用于端口8787或3939。
有什么好办法解决的吗?
回答 1
Stack Overflow用户
回答已采纳
发布于 2019-04-02 11:54:34
我只是自己想出了答案。我的配置完全没有问题。开放我的安全组中的所有TCP端口有点过分,可能而且完全没有必要,所以不要这样做。
问题是,我所连接的企业网络阻塞了某些非标准端口上到外部主机的出站流量,。
如果您与我处于同一条船上,并且需要在同一个EC2实例上承载2个服务,但不知道哪些端口不可用/被组织阻塞,那么您可以使用nmap和portquiz.net来确定它。
nmap是端口扫描器,portquiz.net是侦听所有TCP端口上的连接的服务。您可以在您感兴趣的一系列TCP端口上使用nmap扫描主机,并查看哪些端口显示为打开的
nmap -v -p0-8000 portquiz.net
Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-02 16:47 IST
Initiating Ping Scan at 16:47
Scanning portquiz.net (5.196.70.86) [2 ports]
Completed Ping Scan at 16:47, 0.13s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 16:47
Completed Parallel DNS resolution of 1 host. at 16:47, 0.14s elapsed
Initiating Connect Scan at 16:47
Scanning portquiz.net (5.196.70.86) [8001 ports]
Discovered open port 22/tcp on 5.196.70.86
Discovered open port 80/tcp on 5.196.70.86
Discovered open port 443/tcp on 5.196.70.86
Discovered open port 21/tcp on 5.196.70.86
Discovered open port 4080/tcp on 5.196.70.86
Completed Connect Scan at 16:48, 84.98s elapsed (8001 total ports)
Nmap scan report for portquiz.net (5.196.70.86)
Host is up (0.13s latency).
rDNS record for 5.196.70.86: electron.positon.org
Not shown: 7996 filtered ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
80/tcp open http
443/tcp open https
4080/tcp open lorica-in这里有4080和80打开,这意味着公司防火墙不会阻塞这些端口的出站通信。在分别将RStudio服务器和RStudio连接配置为侦听端口80和4080之后,我现在可以从外部访问这两个服务。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/55471808
复制相关文章
相似问题
腾讯云开发者
