我正在尝试在我的 amazon linux ami 机器上设置从端口80
到端口的端口转发。8080
我跑了
$ sudo /sbin/iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
并验证了结果:
$ sudo iptables --table nat --list
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 8080
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
但是请求端口80
不起作用:
$ wget http://localhost:80
--2017-09-25 08:51:27-- http://localhost/
Resolving localhost (localhost)... 127.0.0.1
Connecting to localhost (localhost)|127.0.0.1|:80... failed: Connection refused.
而端口8080
工作正常:
$ wget http://localhost:8080
--2017-09-25 08:51:39-- http://localhost:8080/
Resolving localhost (localhost)... 127.0.0.1
Connecting to localhost (localhost)|127.0.0.1|:8080... connected.
我怎样才能让 port80
成为 port 的别名8080
?
附加信息:
$ cat /proc/sys/net/ipv4/ip_forward
1
$ sudo sysctl -a | grep ip_forward
net.ipv4.ip_forward = 1
net.ipv4.ip_forward_use_pmtu = 0
error: "Input/output error" reading key "net.ipv6.conf.all.stable_secret"
error: "Input/output error" reading key "net.ipv6.conf.default.stable_secret"
error: "Input/output error" reading key "net.ipv6.conf.eth0.stable_secret"
error: "Input/output error" reading key "net.ipv6.conf.lo.stable_secret"
答案1
事实上,端口转发已经生效,但对 不起作用localhost
。但是,从外部访问该端口却一切正常。
我仍然不知道,为什么它没有起作用,localhost
但目前对我来说并不重要。