Nginx 上游返回“站点不可用”，但它们正常工作

我使用upstream和proxy进行负载平衡。

[[email protected] ~]# cat /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    upstream sites {
        server 192.168.1.237:8080;
        server 192.168.1.240:8080;
    }
    server {
        listen       80 default_server;
        listen       [::]:80 default_server;

        server_name  _;
        root         /usr/share/nginx/html;
        include /etc/nginx/default.d/*.conf;

        location / {
            proxy_pass http://sites;
        }
    }
}

当我在浏览器中打开 192.168.1.135 时，它告诉我“站点暂时不可用”。

来自 192.168.1.135 的所有 ping 均有效：

PING 192.168.1.237 (192.168.1.237) 56(84) bytes of data.
64 bytes from 192.168.1.237: icmp_seq=1 ttl=64 time=0.803 ms
64 bytes from 192.168.1.237: icmp_seq=2 ttl=64 time=0.329 ms
64 bytes from 192.168.1.237: icmp_seq=3 ttl=64 time=0.676 ms
64 bytes from 192.168.1.237: icmp_seq=4 ttl=64 time=0.579 ms

PING 192.168.1.240 (192.168.1.240) 56(84) bytes of data.
64 bytes from 192.168.1.240: icmp_seq=1 ttl=64 time=0.607 ms
64 bytes from 192.168.1.240: icmp_seq=2 ttl=64 time=0.264 ms
64 bytes from 192.168.1.240: icmp_seq=3 ttl=64 time=0.358 ms
64 bytes from 192.168.1.240: icmp_seq=4 ttl=64 time=0.253 ms

当我将浏览器指向http://192.168.1.237:8080或者http://192.168.1.240:8080——他们成功打开了。

nginx 错误日志

2016/04/13 18:36:59 [crit] 5427#0: *20 connect() to 192.168.1.240:8080 failed (13: Permission denied) while connecting to upstream, client: 192.168.1.15, server: _, request: "GET / HTTP/1.1", upstream: "http://192.168.1.240:8080/", host: "192.168.1.135"
2016/04/13 18:36:59 [crit] 5427#0: *20 connect() to 192.168.1.237:8080 failed (13: Permission denied) while connecting to upstream, client: 192.168.1.15, server: _, request: "GET / HTTP/1.1", upstream: "http://192.168.1.237:8080/", host: "192.168.1.135"

出了什么问题？谢谢。