本文探讨了端口监听配置导致的连接失败问题,并提供了如何修改配置以允许远程连接的具体步骤。通过更改监听地址和调整防火墙设置,解决了特定端口无法从外部主机访问的问题。
如果系统某个端口6379绑定监听ip127.0.0.1,则该端口只会通过来自这个ip的连接请求,拒绝非监听ip主机的连接。
telnet 10.10.86.211 9000
Trying 10.10.86.211...
telnet: connect to address 10.10.86.211: Connection refused
另外一个原因:防火墙拦截。(只需要在被telnet服务器的firewall中放开相应主机ip,端口即可)
若为该端口绑定监听ip,而造成connection refused,分析解决:
[root@localhost xinetd.d]# netstat -anp |grep 6379
tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN 12159/redis-server
tcp 0 0 127.0.0.1:40345 127.0.0.1:6379 ESTABLISHED 14735/python
tcp 0 0 127.0.0.1:6379 127.0.0.1:40337 ESTABLISHED 12159/redis-server
tcp 0 0 127.0.0.1:6379 127.0.0.1:40335 ESTABLISHED 12159/redis-server
tcp 0 0 127.0.0.1:40339 127.0.0.1:6379 ESTABLISHED 14735/python
tcp 0 0 127.0.0.1:40343 127.0.0.1:6379 ESTABLISHED 14735/python
tcp 0 0 127.0.0.1:40347 127.0.0.1:6379 ESTABLISHED 14735/python
tcp 0 0 127.0.0.1:6379 127.0.0.1:40345 ESTABLISHED 12159/redis-server
可知6379端口监听本地地址127.0.0.1
或者修改配置文档(比如redis,/etc/redis.cnf)
vim /etc/redis.cnf
bind 127.0.0.1前面添加#,则6379端口不会只监听本地ip
$ telnet 10.10.86.211 6379
[root@localhost xinetd.d]# netstat -anp |grep 6379
tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN 12341/redis-server
tcp 0 0 10.10.86.211:6379 10.10.86.200:52808 ESTABLISHED 12341/redis-server
tcp6 0 0 :::6379 :::* LISTEN 12341/redis-server
tcp6 0 0 ::1:6379 ::1:54007 ESTABLISHED 12341/redis-server
tcp6 0 0 ::1:6379 ::1:54009 ESTABLISHED 12341/redis-server
tcp6 0 0 ::1:54009 ::1:6379 ESTABLISHED 14735/python
tcp6 0 0 ::1:6379 ::1:54005 ESTABLISHED 12341/redis-server
tcp6 0 0 ::1:54006 ::1:6379 ESTABLISHED 14735/python
tcp6 0 0 ::1:6379 ::1:54008 ESTABLISHED 12341/redis-server
显示其他ip可以telnet服务器该端口。
转载于:https://blog.51cto.com/jschu/1693886
扫一扫
706
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
