我有一台带有一个外部IP地址的SmartOS机器。 我的一个网站需要回送访问。 但是,如果我尝试
curl https://www.example.com 它只是在一个区域内超时。 从全局区域中,我收到以下错误信息:
connect to 1.2.3.4 port 443 failed: Connection refused
我的防火墙是这样设置的( /etc/ipf/ipf.conf ):
## Allow Inbound Ports pass in quick on vioif0 proto tcp from any to any port = 22 keep state pass in quick on vioif0 proto tcp from any to any port = 80 keep state pass in quick on vioif0 proto tcp from any to any port = 443 keep state pass in quick on vioif0 proto icmp from any to any icmp-type echo ## Allow Out Ports pass out quick on vioif0 all keep state ## Block all else block in quick log first on vioif0 all block out quick log first on vioif0 all
也许这也是NAT导致的问题( /etc/ipf/ipnat.conf ):
rdr vioif0 from any to any port = 80 -> 10.0.0.2 port 80 tcp rdr vioif0 from any to any port = 443 -> 10.0.0.2 port 443 tcp map vioif0 from 10.0.0.0/24 to any -> 0/32 proxy port ftp ftp/tcp map vioif0 from 10.0.0.0/24 to any -> 0/32 portmap tcp/udp auto map vioif0 from 10.0.0.0/24 to any -> 0/32
任何指针?