我正在尝试在我的 Cent OS 5.2 中打开端口843,我添加了以下行etc\sysconfig\iptables:
-A INPUT -p tcp --dport 843 -j ACCEPT
然后更新了我的iptables服务。我需要通过命令在由 root 用户运行的 node.js 应用程序中监听该端口,但当我尝试通过该端口建立连接时sudo node index.js仍然会出错。forbidden port
这是我运行后得到的结果sudo iptables -L -v:
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
2811 238K ACCEPT tcp -- any any anywhere anywhere tcp dpt:http
112 6224 ACCEPT tcp -- any any anywhere anywhere tcp dpt:hbci
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:843
41 2124 ACCEPT tcp -- any any anywhere anywhere state NEW tcp multiport dports 5901:5903,6001:6003
13093 13M ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
26 3584 ACCEPT icmp -- any any anywhere anywhere
0 0 ACCEPT all -- lo any anywhere anywhere
109 6404 ACCEPT tcp -- any any anywhere anywhere state NEW tcp dpt:ssh
888K 80M REJECT all -- any any anywhere anywhere
这是输出sudo netstat -ptl | grep node:
tcp 0 0 *:843 *:* LISTEN 12927/node
tcp 0 0 *:http *:* LISTEN 12927/node
tcp 0 0 *:10843 *:* LISTEN 12927/node
我尝试监听该端口socket.io使用以下代码:
var io = require('socket.io').listen(
843,
{ log: false,
flashPolicyServer: true,
transports: ['websocket', 'flashsocket', 'htmlfile', 'xhr-multipart', 'xhr-polling', 'jsonp-polling']
}
);
io.sockets.on('connection', function(socket){
// my event listeners
});
答案1
问题解决了。所有服务器配置都正确,显然客户端的防火墙阻止了该端口。所以我切换到sockjs它使用与 http 服务器相同的端口(端口 80),因此不存在客户端阻止连接的风险。