nginx服务器永远不会解析

时间:2016-01-20 06:45:35

标签: linux nginx tcp iptables

我已经设置了一个nginx服务器,它是端口80到http://127.0.0.1:3000的代理,但请求永远不会通过。它只是无限加载。

我试过了sudo /sbin/iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT。我试过了sudo setsebool -P httpd_can_network_connect true。我也试过了sudo setsebool -P httpd_can_network_connect false。我试过semanage port -a -t http_port_t -p tcp 80

来自sudo netstat -tulpn的输出

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State           PID/Program name    
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      13916/nginx: master 
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1640/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1247/master         
tcp6       0      0 :::80                   :::*                    LISTEN      13916/nginx: master 
tcp6       0      0 :::22                   :::*                    LISTEN      1640/sshd           
tcp6       0      0 :::3000                 :::*                    LISTEN      14773/node          
tcp6       0      0 ::1:25                  :::*                    LISTEN      1247/master         
udp        0      0 0.0.0.0:68              0.0.0.0:*                           484/dhclient        
udp        0      0 127.0.0.1:323           0.0.0.0:*                           451/chronyd         
udp        0      0 0.0.0.0:1510            0.0.0.0:*                           484/dhclient        
udp6       0      0 ::1:323                 :::*                                451/chronyd         
udp6       0      0 :::1458                 :::*                                       484/dhclient

iptables -L

的输出 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

nginx config:

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes 4;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
#set open file descriptor limit to 30000
#worker_rlimit_nofile 30000;
events {
    worker_connections 1024;
    #worker_processes = 4;
}


http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    upstream dashboard {
        server 127.0.0.1:3000;
    }
    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    # include /etc/nginx/conf.d/*.conf;
    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  ec2-x-x-x-x.compute-1.amazonaws.com;
        #root        /home/ec2-user/dashboard;

        # Load configuration files for the default server block.
        # include /etc/nginx/default.d/*.conf;  


        location / {
         proxy_pass http://127.0.0.1:3000;
        }

    }
}

1 个答案:

答案 0 :(得分:1)

您可以使用audit2why和audit2allow 像(centos风格)的东西:

tail -1000 /var/log/auditd/audit.log | grep nginx | audit2why

当然,你可以通过curl localhost:3000

检查后端是否还活着
相关问题
最新问题