我有一个服务监听 127.0.0.1:8080,我只想将端口 80 导出到外部。我尝试了端口转发,但没有成功。那么我该如何将端口 80 转发到 localhost:8080?
这是我尝试过的:
firewall-cmd --add-port-forward=port=8080:proto=tcp:toport=80:toaddr=127.0.0.1
操作系统:fedora 36,firewalld
2022-07-02 更新:
我再次尝试但失败了:
firewall-cmd --add-forward-port=port=80:proto=tcp:toport=8080:toaddr=127.0.0.1
# firewall-cmd --list-all
FedoraServer (active)
target: default
icmp-block-inversion: no
interfaces: enp1s0
sources:
services: cockpit dhcpv6-client http https ssh
ports: 80/tcp 80/udp 443/tcp 443/udp
protocols:
forward: no
masquerade: yes
forward-ports:
port=443:proto=tcp:toport=8443:toaddr=127.0.0.1
port=443:proto=udp:toport=8443:toaddr=127.0.0.1
port=443:proto=tcp:toport=8443:toaddr=
port=443:proto=udp:toport=8443:toaddr=
port=80:proto=tcp:toport=8080:toaddr=127.0.0.1
source-ports:
icmp-blocks:
rich rules:
nc -l 127.0.0.1 8080
nc x.x.x.x 80
Ncat: TIMEOUT.
编辑2022-07-03:修复错误的端口号。
答案1
默认情况下,转发到环回地址是禁用的。假设传入接口名称为eth0,则可以暂时地启用:
sudo sysctl -w net.ipv4.conf.eth0.route_localnet=1
此外,转发规则必须包含toaddr=127.0.0.1