Connecting to Sphinx on a remote server

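I recently moved Sphinx onto the same server as our DB, so our architecture is:

  1. File server hosting our web application
  2. Database server with the Sphinx instance (searchd)

When I try to connect to Sphinx at ip.to.db.server I get the following error: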

Sphinx response connection to ip.to.db.server:9312 failed (errno=113, msg=No route to host)

Is there anything special I need to do to make port 9312 accessible to my web application?

Current TCP ports in LISTEN state:

    tcp        0      0 0.0.0.0:9306      0.0.0.0:*      LISTEN      23496/searchd
    tcp        0      0 0.0.0.0:9312      0.0.0.0:*      LISTEN      23496/searchd

iptables -L output:

    Chain INPUT (policy ACCEPT)
    target               prot opt source               destination
    fail2ban-ssh         tcp  --  anywhere             anywhere     multiport dports ssh
    RH-Firewall-1-INPUT  all  --  anywhere             anywhere

    Chain FORWARD (policy ACCEPT)
    target               prot opt source               destination
    RH-Firewall-1-INPUT  all  --  anywhere             anywhere

    Chain OUTPUT (policy ACCEPT)
    target               prot opt source               destination

    Chain RH-Firewall-1-INPUT (2 references)
    target               prot opt source               destination
    ACCEPT               tcp  --  anywhere             anywhere     tcp dpt:ssh /* SSH */
    ACCEPT               tcp  --  anywhere             anywhere     tcp dpt:lmsocialserver /* monit */
    ACCEPT               tcp  --  anywhere             anywhere     tcp dpt:https /* HTTPS */
    ACCEPT               tcp  --  anywhere             anywhere     tcp dpt:webcache /* HTTPProxy */
    ACCEPT               tcp  --  anywhere             anywhere     tcp dpt:http /* HTTP */
    ACCEPT               tcp  --  anywhere             anywhere     tcp dpt:mysql /* MySQL */
    ACCEPT               all  --  ipremoved_by_poster  anywhere     /* Rackspace monitoring */
    ACCEPT               all  --  ipremoved_by_poster  anywhere     /* Rackspace monitoring */
    ACCEPT               all  --  ipremoved_by_poster  anywhere     /* Rackspace monitoring */
    ACCEPT               all  --  ipremoved_by_poster  anywhere     /* Rackspace monitoring */
    ACCEPT               all  --  ipremoved_by_poster  anywhere     /* Rackspace monitoring */
    ACCEPT               all  --  ipremoved_by_poster  anywhere     /* Rackspace monitoring */
    ACCEPT               all  --  ipremoved_by_poster  anywhere     /* Rackspace monitoring */
    ACCEPT               all  --  anywhere             anywhere     /* localhost */
    ACCEPT               icmp --  anywhere             anywhere     icmp any /* ping */
    ACCEPT               all  --  anywhere             anywhere     state RELATED,ESTABLISHED
    REJECT               all  --  anywhere             anywhere     reject-with icmp-host-prohibited

    Chain fail2ban-ssh (1 references)
    target               prot opt source               destination
    RETURN               all  --  anywhere             anywhere

I've done a lot of searching so far with no luck. Any help is greatly appreciated.


The problem was that IPTABLES was blocking my remote connection, so I added two lines to be safe:

vi /etc/sysconfig/iptables

Add the following lines:

    -A RH-Firewall-1-INPUT -i eth1 -p tcp -m tcp --dport 9312 -m comment --comment "Sphinx" -j ACCEPT
    -A RH-Firewall-1-INPUT -s your.remote.ip.address/32 -i eth0 -p tcp -m tcp --dport 9312 -j ACCEPT

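Adjust port 9312 to whatever port Sphinx is listening on.

Then I ran service iptables restart and Sphinx was good to go!

Thanks to @mdpc and @sciurus for pointing me in the right direction.

NOTE: Rackspace uses RH-Firewall-1-INPUT, but you may just need to use INPUT, or something different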
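
Added example, not part of the original question or answer: iptables evaluates a chain top to bottom and stops at the first terminating match, so the new ACCEPT lines only help if they sit above the catch-all REJECT (reject-with icmp-host-prohibited), which is the rule a client sees as "No route to host". The script below reports which rule decides a new connection to a port; the function names and the sample ruleset are constructed for illustration, and the chain-walking logic is a simplified model, not iptables itself.

```sh
#!/bin/sh
# Added example. Reads iptables-save style rules on stdin and reports which
# rule of CHAIN decides a NEW TCP connection to PORT (first match wins).
# Simplification: -s / -i matches on a rule naming PORT are assumed to match.

# first_verdict CHAIN PORT  ->  "<target> <rule number>" or "none 0"
first_verdict() {
    awk -v chain="$1" -v port="$2" '
    $1 == "-A" && $2 == chain {
        n++
        target = ""; dport = ""; proto = ""; restricted = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-j") target = $(i + 1)
            else if ($i == "--dport") dport = $(i + 1)
            else if ($i == "-p") proto = $(i + 1)
            else if ($i == "-s" || $i == "-i" || $i == "--state") restricted = 1
        }
        # Jumps to user chains and RETURN are not followed here; skip them.
        if (target != "ACCEPT" && target != "REJECT" && target != "DROP") next
        port_match = (proto == "tcp" && dport == port)
        catch_all = (proto == "" && dport == "" && !restricted)
        if (port_match || catch_all) { print target, n; found = 1; exit }
    }
    END { if (!found) print "none", 0 }'
}

# Constructed sample (not the poster's file), shaped like the chain in the
# question; $1 places the Sphinx rule "above" or "below" the final REJECT.
sample_rules() {
    c='-A RH-Firewall-1-INPUT'
    sphinx="$c -i eth1 -p tcp -m tcp --dport 9312 -m comment --comment \"Sphinx\" -j ACCEPT"
    reject="$c -j REJECT --reject-with icmp-host-prohibited"
    printf '%s\n' '-A INPUT -j RH-Firewall-1-INPUT' \
        "$c -p tcp -m tcp --dport 22 -j ACCEPT" \
        "$c -p tcp -m tcp --dport 3306 -j ACCEPT" \
        "$c -i lo -j ACCEPT" \
        "$c -p icmp -m icmp --icmp-type any -j ACCEPT" \
        "$c -m state --state RELATED,ESTABLISHED -j ACCEPT"
    if [ "$1" = above ]; then
        printf '%s\n%s\n' "$sphinx" "$reject"
    else
        printf '%s\n%s\n' "$reject" "$sphinx"
    fi
}

for pos in above below; do
    echo "Sphinx rule $pos REJECT: $(sample_rules "$pos" | first_verdict RH-Firewall-1-INPUT 9312)"
done
```

To check a saved ruleset, feed it on stdin, for example first_verdict RH-Firewall-1-INPUT 9312 < /etc/sysconfig/iptables. A result of REJECT means the Sphinx lines were placed too low in the file.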