解决 nginx 请求无法到达服务器的问题

解决 nginx 请求无法到达服务器的问题

当我使用其他服务器浏览时

wget -U "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" --spider http://server_ip/page --no-hsts

这是回应

Spider mode enabled. Check if remote file exists.
--2021-07-25 09:03:09--  http://server_ip/page
Connecting to 45.76.11.115:80... connected.
 HTTP request sent, awaiting response... 200 No headers, assuming HTTP/0.9
Length: unspecified
Remote file exists and could contain further links,
but recursion is disabled -- not retrieving.

Nginx 默认配置是

server {
   listen 80 default_server;
   server_name _;
   return 404;
   location ~ /\.ht {
      deny all; 
   }
}

错误日志和访问日志中均无条目。但是它正在接收来自某些未知服务器的请求,例如

some_public_ip - - [25/Jul/2021:08:53:14 +0800] "GET / HTTP/1.1" 200 399 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" "1.68"

通过使用以下方法检查 80 的监听程序

lsof -nP -iTCP -sTCP:LISTEN

尽管我只得到了 nginx。

nginx     19182     root    6u  IPv4 19898878      0t0  TCP *:80 (LISTEN)
nginx     19182     root    7u  IPv4 19898879      0t0  TCP *:8443 (LISTEN)
nginx     19183 www-data    6u  IPv4 19898878      0t0  TCP *:80 (LISTEN)
nginx     19183 www-data    7u  IPv4 19898879      0t0  TCP *:8443 (LISTEN)

但是 tcpdump 显示它正在接收请求

09:13:06.520109 IP local_ip.42330 > server_ip.80: Flags [.], ack 1, win 21, options [nop,nop,TS val 3610668715 ecr 3536888037], length 0
09:13:06.523627 IP local_ip.42330 > server_ip.80: Flags [P.], seq 1:173, ack 1, win 21, options [nop,nop,TS val 3610668715 ecr 3536888037], length 172: HTTP: HEAD / HTTP/1.1
09:13:06.523668 IP server_ip.80 > local_ip.42330: Flags [.], ack 173, win 508, options [nop,nop,TS val 3536888310 ecr 3610668715], length 0
09:13:06.523741 IP server_ip.80 > local_ip.42330: Flags [P.], seq 1:58, ack 173, win 508, options [nop,nop,TS val 3536888310 ecr 3610668715], length 57: HTTP
09:13:06.523781 IP server_ip.80 > local_ip.42330: Flags [F.], seq 58, ack 173, win 508, options [nop,nop,TS val 3536888310 ecr 3610668715], length 0
09:13:06.790067 IP local_ip.42330 > server_ip.80: Flags [.], ack 58, win 21, options [nop,nop,TS val 3610668990 ecr 3536888310], length 0
09:13:06.795185 IP local_ip.42330 > server_ip.80: Flags [R.], seq 173, ack 59, win 21, options [nop,nop,TS val 3610668991 ecr 3536888310], length 0
09:13:06.800086 IP local_ip.42330 > server_ip.80: Flags [R], seq 1666043585, win 0, length 0

如何解决这个问题?

更新 #1

再次尝试使用 tcp dump

tcpdump -vvXX -n port 80

和输出

    local_ip.48914 > server_ip.80: Flags [S], cksum 0xf7e9 (correct), seq 2727175320, win 42340, options [mss 1318,sackOK,TS val 3613618415 ecr 0,nop,wscale 11], length 0
        0x0000:  5600 0302 ccd0 fe00 0302 ccd0 0800 4500  V.............E.
        0x0010:  003c 5f00 0000 3806 875c 6adc f8c4 2d4c  .<_...8..\j...-L
        0x0020:  0b73 bf12 0050 a28d 6498 0000 0000 a002  .s...P..d.......
        0x0030:  a564 f7e9 0000 0204 0526 0402 080a d763  .d.......&.....c
        0x0040:  70ef 0000 0000 0103 030b                 p.........
    10:02:16.252990 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
        server_ip.80 > local_ip.48914: Flags [S.], cksum 0x9c8e (incorrect -> 0xbb3e), seq 3157700385, ack 2727175321, win 65160, options [mss 1460,sackOK,TS val 3539838101 ecr 3613618415,nop,wscale 7], length 0
        0x0000:  fe00 0302 ccd0 5600 0302 ccd0 0800 4500  ......V.......E.
        0x0010:  003c 0000 4000 4006 9e5c 2d4c 0b73 6adc  .<..@.@..\-L.sj.
        0x0020:  f8c4 0050 bf12 bc36 af21 a28d 6499 a012  ...P...6.!..d...
        0x0030:  fe88 9c8e 0000 0204 05b4 0402 080a d2fd  ................
        0x0040:  a495 d763 70ef 0103 0307                 ...cp.....
    10:02:16.615737 IP (tos 0x0, ttl 56, id 24419, offset 0, flags [none], proto TCP (6), length 52)
        local_ip.48914 > server_ip.80: Flags [.], cksum 0xe6f3 (correct), seq 1, ack 1, win 21, options [nop,nop,TS val 3613618810 ecr 3539838101], length 0
        0x0000:  5600 0302 ccd0 fe00 0302 ccd0 0800 4500  V.............E.
        0x0010:  0034 5f63 0000 3806 8701 6adc f8c4 2d4c  .4_c..8...j...-L
        0x0020:  0b73 bf12 0050 a28d 6499 bc36 af22 8010  .s...P..d..6."..
        0x0030:  0015 e6f3 0000 0101 080a d763 727a d2fd  ...........crz..
        0x0040:  a495                                     ..
    10:02:16.629335 IP (tos 0x0, ttl 56, id 24423, offset 0, flags [none], proto TCP (6), length 227)
        local_ip.48914 > server_ip.80: Flags [P.], cksum 0x36e5 (correct), seq 1:176, ack 1, win 21, options [nop,nop,TS val 3613618810 ecr 3539838101], length 175: HTTP, length: 175
        HEAD /url HTTP/1.1
        User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
        Accept: */*
        Accept-Encoding: identity
        Host: server_ip
        Connection: Keep-Alive
        
        0x0000:  5600 0302 ccd0 fe00 0302 ccd0 0800 4500  V.............E.
        0x0010:  00e3 5f67 0000 3806 864e 6adc f8c4 2d4c  .._g..8..Nj...-L
        0x0020:  0b73 bf12 0050 a28d 6499 bc36 af22 8018  .s...P..d..6."..
        0x0030:  0015 36e5 0000 0101 080a d763 727a d2fd  ..6........crz..
        0x0040:  a495 4845 4144 202f 7572 6c20 4854 5450  ..HEAD./url.HTTP
        0x0050:  2f31 2e31 0d0a 5573 6572 2d41 6765 6e74  /1.1..User-Agent
        0x0060:  3a20 4d6f 7a69 6c6c 612f 342e 3020 2863  :.Mozilla/4.0.(c
        0x0070:  6f6d 7061 7469 626c 653b 204d 5349 4520  ompatible;.MSIE.
        0x0080:  362e 303b 2057 696e 646f 7773 204e 5420  6.0;.Windows.NT.
        0x0090:  352e 313b 2053 5631 290d 0a41 6363 6570  5.1;.SV1)..Accep
        0x00a0:  743a 202a 2f2a 0d0a 4163 6365 7074 2d45  t:.*/*..Accept-E
        0x00b0:  6e63 6f64 696e 673a 2069 6465 6e74 6974  ncoding:.identit
        0x00c0:  790d 0a48 6f73 743a 2034 352e 3736 2e31  y..Host:.server_ip
        0x00d0:  312e 3131 350d 0a43 6f6e 6e65 6374 696f  Connectio
        0x00e0:  6e3a 204b 6565 702d 416c 6976 650d 0a0d  n:.Keep-Alive...
        0x00f0:  0a                                       .
    10:02:16.629408 IP (tos 0x0, ttl 64, id 24117, offset 0, flags [DF], proto TCP (6), length 52)
        server_ip.80 > local_ip.48914: Flags [.], cksum 0x9c86 (incorrect -> 0xe2e4), seq 1, ack 176, win 508, options [nop,nop,TS val 3539838478 ecr 3613618810], length 0
        0x0000:  fe00 0302 ccd0 5600 0302 ccd0 0800 4500  ......V.......E.
        0x0010:  0034 5e35 4000 4006 402f 2d4c 0b73 6adc  .4^5@.@.@/-L.sj.
        0x0020:  f8c4 0050 bf12 bc36 af22 a28d 6548 8010  ...P...6."..eH..
        0x0030:  01fc 9c86 0000 0101 080a d2fd a60e d763  ...............c
        0x0040:  727a                                     rz
    10:02:16.629513 IP (tos 0x0, ttl 64, id 24118, offset 0, flags [DF], proto TCP (6), length 109)
        server_ip.80 > local_ip.48914: Flags [P.], cksum 0x9cbf (incorrect -> 0xb393), seq 1:58, ack 176, win 508, options [nop,nop,TS val 3539838478 ecr 3613618810], length 57: HTTP
        0x0000:  fe00 0302 ccd0 5600 0302 ccd0 0800 4500  ......V.......E.
        0x0010:  006d 5e36 4000 4006 3ff5 2d4c 0b73 6adc  .m^6@.@.?.-L.sj.
        0x0020:  f8c4 0050 bf12 bc36 af22 a28d 6548 8018  ...P...6."..eH..
        0x0030:  01fc 9cbf 0000 0101 080a d2fd a60e d763  ...............c
        0x0040:  727a 0000 1204 0000 0000 0000 0300 0000  rz..............
        0x0050:  8000 0400 0100 0000 0500 ffff ff00 0004  ................
        0x0060:  0800 0000 0000 7fff 0000 0000 0807 0000  ................
        0x0070:  0000 0000 0000 0000 0000 01              ...........
    10:02:16.629551 IP (tos 0x0, ttl 64, id 24119, offset 0, flags [DF], proto TCP (6), length 52)
        server_ip.80 > local_ip.48914: Flags [F.], cksum 0x9c86 (incorrect -> 0xe2aa), seq 58, ack 176, win 508, options [nop,nop,TS val 3539838478 ecr 3613618810], length 0
        0x0000:  fe00 0302 ccd0 5600 0302 ccd0 0800 4500  ......V.......E.
        0x0010:  0034 5e37 4000 4006 402d 2d4c 0b73 6adc  .4^7@.@[email protected].
        0x0020:  f8c4 0050 bf12 bc36 af5b a28d 6548 8011  ...P...6.[..eH..
        0x0030:  01fc 9c86 0000 0101 080a d2fd a60e d763  ...............c
        0x0040:  727a                                     rz
    10:02:16.913890 IP (tos 0x0, ttl 56, id 24502, offset 0, flags [none], proto TCP (6), length 52)
        local_ip.48914 > server_ip.80: Flags [.], cksum 0xe361 (correct), seq 176, ack 58, win 21, options [nop,nop,TS val 3613619115 ecr 3539838478], length 0
        0x0000:  5600 0302 ccd0 fe00 0302 ccd0 0800 4500  V.............E.
        0x0010:  0034 5fb6 0000 3806 86ae 6adc f8c4 2d4c  .4_...8...j...-L
        0x0020:  0b73 bf12 0050 a28d 6548 bc36 af5b 8010  .s...P..eH.6.[..
        0x0030:  0015 e361 0000 0101 080a d763 73ab d2fd  ...a.......cs...
        0x0040:  a60e                                     ..
    10:02:16.913950 IP (tos 0x0, ttl 56, id 24506, offset 0, flags [none], proto TCP (6), length 52)
        local_ip.48914 > server_ip.80: Flags [.], cksum 0xe360 (correct), seq 176, ack 59, win 21, options [nop,nop,TS val 3613619115 ecr 3539838478], length 0
        0x0000:  5600 0302 ccd0 fe00 0302 ccd0 0800 4500  V.............E.
        0x0010:  0034 5fba 0000 3806 86aa 6adc f8c4 2d4c  .4_...8...j...-L
        0x0020:  0b73 bf12 0050 a28d 6548 bc36 af5c 8010  .s...P..eH.6.\..
        0x0030:  0015 e360 0000 0101 080a d763 73ab d2fd  ...`.......cs...
        0x0040:  a60e                                     ..
    10:02:16.913983 IP (tos 0x0, ttl 56, id 24508, offset 0, flags [none], proto TCP (6), length 52)
        local_ip.48914 > server_ip.80: Flags [R.], cksum 0xe35b (correct), seq 176, ack 59, win 21, options [nop,nop,TS val 3613619116 ecr 3539838478], length 0
        0x0000:  5600 0302 ccd0 fe00 0302 ccd0 0800 4500  V.............E.
        0x0010:  0034 5fbc 0000 3806 86a8 6adc f8c4 2d4c  .4_...8...j...-L
        0x0020:  0b73 bf12 0050 a28d 6548 bc36 af5c 8014  .s...P..eH.6.\..
        0x0030:  0015 e35b 0000 0101 080a d763 73ac d2fd  ...[.......cs...
        0x0040:  a60e

错误的校验和是否与该问题有关?有没有办法检查哪个应用程序或进程响应了该请求?

答案1

找到了导致此错误的原因,该错误是由另一个不同的配置文件引起的server_name,具有

listen 80 http2;

http2从配置中删除后问题就解决了。遗憾的是,Nginx 配置测试并未将此报告为无效。

以下资源帮助我排除故障;

https://stackoverflow.com/questions/16021481/nginx-not-listening-to-port-80

HTTPS 有效,HTTP 无效

相关内容