我的 Ubuntu Server 20.04 LTS 有一个奇怪的问题
背景简介:
我安装了 nginx 并且在设置letsencrypt时遇到了很多麻烦。尝试使用静态提供的文件进行此操作,它不断表示连接被拒绝。我恢复到原来的 nginx 默认配置,从 localhost 我看到 HTML 中的页面内容“欢迎使用 NGINX”,但是从多个外部来源,我不断收到连接被拒绝。
配置 默认NGINX配置(直接复制+粘贴)
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name _;
try_files $uri $uri/ =404;
# proxy_pass http://localhost:8080;
# proxy_http_version 1.1;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection 'upgrade';
# proxy_set_header Host $host;
# proxy_cache_bypass $http_upgrade;
}
}
使用 curl,我尝试从远程站点连接到端口 80:
curl http://my-domain.com
回应
curl: (7) Failed to connect to my-domain.com port 80: Connection refused
其他信息:
添加到启用站点的活动 NGINX 配置
blms@my-domain:/etc/nginx/sites-enabled$ ls -la
total 8
drwxr-xr-x 2 root root 4096 Sep 28 03:57 .
drwxr-xr-x 8 root root 4096 Sep 28 03:29 ..
lrwxrwxrwx 1 root root 34 Sep 28 03:57 default -> /etc/nginx/sites-available/default
Nginx 服务状态:活动(未报告错误)
blms@my-domain:~$ sudo systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2020-09-28 03:57:26 UTC; 6min ago
Docs: man:nginx(8)
Process: 2901 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 2912 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 2913 (nginx)
Tasks: 2 (limit: 1074)
Memory: 2.6M
CGroup: /system.slice/nginx.service
├─2913 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
└─2914 nginx: worker process
Sep 28 03:57:25 my-domain.com systemd[1]: Starting A high performance web server and a reverse proxy server...
Sep 28 03:57:26 my-domain.com systemd[1]: Started A high performance web server and a reverse proxy server.
已确认 HTTP Server 在端口 80 上侦听:
blms@my-domain:~$ sudo ss -tlp | grep http
LISTEN 0 511 0.0.0.0:http 0.0.0.0:* users:(("nginx",pid=2914,fd=6),("nginx",pid=2913,fd=6))
LISTEN 0 511 [::]:http [::]:* users:(("nginx",pid=2914,fd=7),("nginx",pid=2913,fd=7))
iptables 允许所有连接
blms@my-domain:~$ sudo iptables -L -v
Chain INPUT (policy ACCEPT 2936 packets, 238K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 2567 packets, 393K bytes)
pkts bytes target prot opt in out source destination
坦率地说,我很困惑。我也重启了也没用。
有什么建议么?
更新
使用 IP 地址卷曲
curl x.y.z.a:80
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:03 --:--:-- 0
curl: (7) Failed to connect to x.y.z.a port 80: Connection refused
在服务器本身上卷曲 localhost
curl localhost
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
问题的原因是我自己的原因之一。
问题是我没有刷新我的 NAT 表。我使用
iptables -F -t nat
. 这解决了问题。我将这个答案留在这里,希望它可以帮助其他人。