我试图在我的amazon linux ami机器上设置从端口80到端口8080的端口转发。
我跑了
$ sudo /sbin/iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
并validation了结果:
$ sudo iptables --table nat --list Chain PREROUTING (policy ACCEPT) target prot opt source destination REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 8080 Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination
但请求端口80不起作用:
$ wget http://localhost:80 --2017-09-25 08:51:27-- http://localhost/ Resolving localhost (localhost)... 127.0.0.1 Connecting to localhost (localhost)|127.0.0.1|:80... failed: Connection refused.
而港口8080工作正常:
$ wget http://localhost:8080 --2017-09-25 08:51:39-- http://localhost:8080/ Resolving localhost (localhost)... 127.0.0.1 Connecting to localhost (localhost)|127.0.0.1|:8080... connected.
我怎样才能让端口80成为端口8080的别名?
附加信息:
$ cat /proc/sys/net/ipv4/ip_forward 1 $ sudo sysctl -a | grep ip_forward net.ipv4.ip_forward = 1 net.ipv4.ip_forward_use_pmtu = 0 error: "Input/output error" reading key "net.ipv6.conf.all.stable_secret" error: "Input/output error" reading key "net.ipv6.conf.default.stable_secret" error: "Input/output error" reading key "net.ipv6.conf.eth0.stable_secret" error: "Input/output error" reading key "net.ipv6.conf.lo.stable_secret"
实际上,端口转发是有效的,但是对localhost不起作用。 但是,从外面访问端口工作得很好。
我仍然不知道, 为什么它不适用于localhost但目前对我来说并不重要。