主页 / computer / 问题 / 1470863
Accepted
pietrodito
Asked: 2019-08-14 07:11:32 +0800 CST

使用 uscoket 库用 sbcl 编写的简单服务器在 AWS 实例上不起作用

  • 772

标题是明确的。

可重现的步骤

* 在 80 端口上使用 HTTP 规则在 AWS 上启动一个 Ubuntu 实例

* 安装 sbcl

sudo apt install sbcl -y

* 为 root 安装 usocket 库

请参阅下一步以了解我为什么以 root 身份执行此操作

curl -O https://beta.quicklisp.org/quicklisp.lisp
sudo sbcl --load quicklisp.lisp

下一行需要输入 sbcl REPL

(quicklisp-quickstart:install)
(ql:add-to-init-file)
(ql:quickload "usocket")

* 使用 Land of Lisp 示例 ( http://landoflisp.com/ )

在一个名为server.lisp

(require 'usocket)

(defun http-char (c1 c2 &optional (default #\Space))
  (let ((code (parse-integer
               (coerce (list c1 c2) 'string)
               :radix 16
               :junk-allowed t)))
    (if code
        (code-char code)
        default)))

(defun decode-param (s)
  (labels ((f (lst)
             (when lst
               (case (car lst)
                 (#\% (cons (http-char (cadr lst) (caddr lst))
                            (f (cdddr lst))))
                 (#\+ (cons #\space (f (cdr lst))))
                 (otherwise (cons (car lst) (f (cdr lst))))))))
    (coerce (f (coerce s 'list)) 'string)))

(defun parse-params (s)
  (let* ((i1 (position #\= s))
         (i2 (position #\& s)))
    (cond (i1 (cons (cons (intern (string-upcase (subseq s 0 i1)))
                          (decode-param (subseq s (1+ i1) i2)))
                    (and i2 (parse-params (subseq s (1+ i2))))))
          ((equal s "") nil)
          (t s))))

(defun parse-url (s)
  (let* ((url (subseq s
                      (+ 2 (position #\space s))
                      (position #\space s :from-end t)))
         (x (position #\? url)))
    (if x
        (cons (subseq url 0 x) (parse-params (subseq url (1+ x))))
        (cons url '()))))


(defun get-header (stream)
  (let* ((s (read-line stream))
         (h (let ((i (position #\: s)))
              (when i
                (cons (intern (string-upcase (subseq s 0 i)))
                      (subseq s (+ i 2)))))))
    (when h
      (cons h (get-header stream)))))

(defun get-content-params (stream header)
  (let ((length (cdr (assoc 'content-length header))))
    (when length
      (let ((content (make-string (parse-integer length))))
        (read-sequence content stream)
        (parse-params content)))))

(defun serve (request-handler)
  (let ((socket (usocket:socket-listen #(127 0 0 1) 80)))
    (unwind-protect
         (loop (with-open-stream (stream (usocket:socket-stream
                                          (usocket:socket-accept socket)))
                 (let* ((url    (parse-url (read-line stream)))
                        (path   (car url))
                        (header (get-header stream))
                        (params (append (cdr url)
                                        (get-content-params stream header)))
                        (*standard-output* stream))
                   (funcall request-handler path header params))))
      (usocket:socket-close socket))))

(defun hello-request-handler (path header params)
  (if (equal path "greeting")
      (let ((name (assoc 'name params)))
        (if (not name)
            (princ "<html><form>What is your name?<input name='name'/></form></html>")
            (format t "<html>Nice to meet you, ~a!</html>" (cdr name))))
      (princ "Sorry... I don't know that page")))

(serve #'hello-request-handler)

然后以 root 身份启动服务器:

sudo sbcl --load "server.lisp"

我正在使用 root,因为我无法摆脱普通用户的以下错误消息

The condition Socket error in "bind": 13 (Permission denied) occurred with errno :0.

然后一切似乎都是正确的,但我无法使用以下标准浏览器访问服务器:

http://IPv4.Public.IP:80

* 补充诊断:

AWS 安全组/入站规则

╔══════╦══════════╦════════════╦═══════════╗
║ Type ║ Protocol ║ Port Range ║  Source   ║
╠══════╬══════════╬════════════╬═══════════╣
║ HTTP ║ TCP      ║         80 ║ 0.0.0.0/0 ║
║ HTTP ║ TCP      ║         80 ║ ::/0      ║
║ SSH  ║ TCP      ║         22 ║ 0.0.0.0/0 ║
╚══════╩══════════╩════════════╩═══════════╝

iptables

sudo iptables -L -v

Chain INPUT (policy ACCEPT 346 packets, 23760 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 244 packets, 32428 bytes)
 pkts bytes target     prot opt in     out     source               destination

sudo iptables -t nat -L -v

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

在服务器上卷曲

curl 127.0.0.1

Sorry... I don't know that page

不出所料!

从远程机器 ping

需要将自定义 ICMP 规则添加到入站安全组策略(现在我知道ping正在使用 ICMP ...)

ping 35.180.138.87

64 bytes from 35.180.138.87: icmp_seq=1 ttl=49 time=173 ms
64 bytes from 35.180.138.87: icmp_seq=2 ttl=49 time=32.2 ms
^C
--- 35.180.138.87 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1005ms
rtt min/avg/max/mdev = 32.248/102.884/173.520/70.636 ms

从远处的机器卷曲

curl 35.180.138.87

curl: (7) Failed to connect to 35.180.138.87 port 80: Connection refused

网络统计

netstat -nlp

Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 127.0.0.1:80            0.0.0.0:*               LISTEN      -

带有端口 80 的这一行仅在我的服务器运行时出现。

http amazon-web-services

2 个回答

  1. 尝试 ping 公共 IPV4 以确保您可以访问它。

    如果确实达到了它,请检查端口 80 的 iptables/firewalld 规则(es. iptables -L...)

    如果防火墙正常,请检查服务器是否在所有网络接口上绑定,而不仅仅是在环回 (127.0.0.1) 上绑定netstat -nlp。还要检查其他程序是否绑定到端口 80。

    您还可以测试curl 127.0.0.1以检查服务器是否确实在为该页面提供服务而您没有访问它,或者服务器是否整体损坏。

    还要确保您在 AWS 上设置的端口 80 上的 HTTP 规则位于与您的实例关联的安全组中。

    • 0
  2. Best Answer

    问题出在用于打开套接字的 ip 地址,即127.0.0.1

    我曾尝试使用 AWS 提供的 IPv4 地址,但这不是解决方案

    相反,必须从主机服务器搜索 ip 地址:

    sudo ip addr

    答案是例如111.111.111.111

    然后在 lisp 代码中使用找到的地址

    (let ((socket (usocket:socket-listen #(111 111 111 111) 80)))
    • 0

相关问题