Ufw 允许 http 流量流出

2024-6-9 • tag-icon

我有一台安装了 ubuntu 20 的服务器ufw，这是我的规则

To                         Action      From
--                         ------      ----
22/tcp                     LIMIT       Anywhere                  
Nginx Full                 ALLOW       Anywhere                  
5000                       ALLOW       Anywhere                  
25                         ALLOW       Anywhere                  
22                         LIMIT       Anywhere                   # allow SSH connections in
80/tcp                     ALLOW       Anywhere                  
443/tcp                    ALLOW       Anywhere                   # allow https traffic update
Apache Full                ALLOW       Anywhere                  
587                        ALLOW       Anywhere                  
993                        ALLOW       Anywhere                   # godaddy IMAP
995                        ALLOW       Anywhere                   # godaddy POP3
465                        ALLOW       Anywhere                   # godaddy SMTP
SMTPTLS                    ALLOW       Anywhere                  
80                         ALLOW       Anywhere                  
22/tcp (v6)                LIMIT       Anywhere (v6)             
Nginx Full (v6)            ALLOW       Anywhere (v6)             
5000 (v6)                  ALLOW       Anywhere (v6)             
25 (v6)                    ALLOW       Anywhere (v6)             
22 (v6)                    LIMIT       Anywhere (v6)              # allow SSH connections in
80/tcp (v6)                ALLOW       Anywhere (v6)             
443/tcp (v6)               ALLOW       Anywhere (v6)              # allow https traffic update
Apache Full (v6)           ALLOW       Anywhere (v6)             
587 (v6)                   ALLOW       Anywhere (v6)             
993 (v6)                   ALLOW       Anywhere (v6)              # godaddy IMAP
995 (v6)                   ALLOW       Anywhere (v6)              # godaddy POP3
465 (v6)                   ALLOW       Anywhere (v6)              # godaddy SMTP
SMTPTLS (v6)               ALLOW       Anywhere (v6)             
80 (v6)                    ALLOW       Anywhere (v6)             

53                         ALLOW OUT   Anywhere                   # allow DNS calls out
123                        ALLOW OUT   Anywhere                   # allow NTP out
80/tcp                     ALLOW OUT   Anywhere                  
443/tcp                    ALLOW OUT   Anywhere                   # allow HTTPS traffic out
43/tcp                     ALLOW OUT   Anywhere                   # allow whois
25                         ALLOW OUT   Anywhere                   # allow MAIL out
SMTPTLS                    ALLOW OUT   Anywhere                   # open TLS port 465 for use with SMPT to send e-mails
21/tcp                     ALLOW OUT   Anywhere                   # allow FTP traffic out
53 (v6)                    ALLOW OUT   Anywhere (v6)              # allow DNS calls out
123 (v6)                   ALLOW OUT   Anywhere (v6)              # allow NTP out
80/tcp (v6)                ALLOW OUT   Anywhere (v6)             
443/tcp (v6)               ALLOW OUT   Anywhere (v6)              # allow HTTPS traffic out
43/tcp (v6)                ALLOW OUT   Anywhere (v6)              # allow whois
25 (v6)                    ALLOW OUT   Anywhere (v6)              # allow MAIL out
SMTPTLS (v6)               ALLOW OUT   Anywhere (v6)              # open TLS port 465 for use with SMPT to send e-mails
21/tcp (v6)                ALLOW OUT   Anywhere (v6)              # allow FTP traffic out

我正在尝试curl向另一台服务器发出请求

curl http://my.ip:5000

但此命令给出“连接超时”错误。

我认为问题出ufw在不允许 HTTP 流量流出，因此我启用了端口 80 以允许流量进出，但没有工作。如果我完全禁用ufw该curl命令，则该命令可以正常工作并返回响应，但我无法弄清楚需要添加什么规则才能使其ufw有效工作。

答案1

我假设您已将默认 OUT 规则设置为 DENY？

您已经开放了端口 80/tcp 的流量，但您正在尝试连接到服务器上的端口 5000。
尝试：

ufw allow out 5000/tcp

答案1

相关内容