How do I open ports 443 and 8080 on a virtual Ubuntu Server 20.04.3?

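I am running Ubuntu Server 20.04.3 as a virtual server. My virtual server is virtualized with VMware, and delivery is automatic. I am going to set it up to use Outline, and ports 443 and 8080 must be open.

I tried to do this in the firewall but I still get errors.

We installed Docker, which is one of Outline's requirements, and it is enabled, but we cannot use the server yet because of the problem of the ports not being open or being broken.

I have posted the code showing my server's network configuration and ufw information.

If you need more information, please let me know.

What do you suggest to solve this problem?

Example errors: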

Host (myip) Port 8080
Testing...

Test assumes port 443 on (myip) refuses all requests

Your network does not block port 8080

**Port 8080 on Host (myip) is blocked by packet dropping or server is down**

Done!


Host (myip) Port 443
Testing...

Test assumes port 80 on (myip) refuses all requests

Your network does not block port 443

**Port 443 on host (myip) is blocked by packed dropping**

Done!

Report:

root@server:~# sudo iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ufw-before-logging-input all -- anywhere anywhere
ufw-before-input all -- anywhere anywhere
ufw-after-input all -- anywhere anywhere
ufw-after-logging-input all -- anywhere anywhere
ufw-reject-input all -- anywhere anywhere
ufw-track-input all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere multiport dports http-alt,https ctstate NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:http-alt



Chain FORWARD (policy DROP)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ufw-before-logging-forward all -- anywhere anywhere
ufw-before-forward all -- anywhere anywhere
ufw-after-forward all -- anywhere anywhere
ufw-after-logging-forward all -- anywhere anywhere
ufw-reject-forward all -- anywhere anywhere
ufw-track-forward all -- anywhere anywhere



Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ufw-before-logging-output all -- anywhere anywhere
ufw-before-output all -- anywhere anywhere
ufw-after-output all -- anywhere anywhere
ufw-after-logging-output all -- anywhere anywhere
ufw-reject-output all -- anywhere anywhere
ufw-track-output all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere multiport dports http-alt,https ctstate ESTABLISHED



Chain DOCKER (1 references)
target prot opt source destination



Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target prot opt source destination

DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
RETURN all -- anywhere anywhere



Chain DOCKER-ISOLATION-STAGE-2 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere
RETURN all -- anywhere anywhere



Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere



Chain ufw-after-forward (1 references)
target prot opt source destination



Chain ufw-after-input (1 references)
target prot opt source destination
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-ns
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-dgm
ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:netbios-ssn
ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:microsoft-ds
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootps
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootpc
ufw-skip-to-policy-input all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST



Chain ufw-after-logging-forward (1 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "



Chain ufw-after-logging-input (1 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "



Chain ufw-after-logging-output (1 references)
target prot opt source destination



Chain ufw-after-output (1 references)
target prot opt source destination



Chain ufw-before-forward (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
ACCEPT icmp -- anywhere anywhere icmp echo-request
ufw-user-forward all -- anywhere anywhere



Chain ufw-before-input (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ufw-logging-deny all -- anywhere anywhere ctstate INVALID
DROP all -- anywhere anywhere ctstate INVALID
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc
ufw-not-local all -- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere 239.255.255.250 udp dpt:1900
ufw-user-input all -- anywhere anywhere



Chain ufw-before-logging-forward (1 references)
target prot opt source destination



Chain ufw-before-logging-input (1 references)
target prot opt source destination



Chain ufw-before-logging-output (1 references)
target prot opt source destination



Chain ufw-before-output (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ufw-user-output all -- anywhere anywhere



Chain ufw-logging-allow (0 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] "



Chain ufw-logging-deny (2 references)
target prot opt source destination
RETURN all -- anywhere anywhere ctstate INVALID limit: avg 3/min burst 10
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "



Chain ufw-not-local (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere ADDRTYPE match dst-type LOCAL
RETURN all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST
RETURN all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
ufw-logging-deny all -- anywhere anywhere limit: avg 3/min burst 10
DROP all -- anywhere anywhere



Chain ufw-reject-forward (1 references)
target prot opt source destination



Chain ufw-reject-input (1 references)
target prot opt source destination



Chain ufw-reject-output (1 references)
target prot opt source destination



Chain ufw-skip-to-policy-forward (0 references)
target prot opt source destination
DROP all -- anywhere anywhere



Chain ufw-skip-to-policy-input (7 references)
target prot opt source destination
DROP all -- anywhere anywhere



Chain ufw-skip-to-policy-output (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere



Chain ufw-track-forward (1 references)
target prot opt source destination



Chain ufw-track-input (1 references)
target prot opt source destination



Chain ufw-track-output (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere ctstate NEW
ACCEPT udp -- anywhere anywhere ctstate NEW



Chain ufw-user-forward (1 references)
target prot opt source destination



Chain ufw-user-input (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp-data
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql
ACCEPT tcp -- anywhere anywhere tcp dpt:http-alt
ACCEPT udp -- anywhere anywhere udp dpt:8080
ACCEPT tcp -- anywhere anywhere tcp dpt:http-alt
ACCEPT udp -- anywhere anywhere udp dpt:8080



Chain ufw-user-limit (0 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning prefix "[UFW LIMIT BLOCK] "
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable



Chain ufw-user-limit-accept (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere



Chain ufw-user-logging-forward (0 references)
target prot opt source destination



Chain ufw-user-logging-input (0 references)
target prot opt source destination



Chain ufw-user-logging-output (0 references)
target prot opt source destination



Chain ufw-user-output (1 references)
target prot opt source destination

root@server:~# ^C
root@server:~# sudo ufw status
Status: active



To Action From
-- ------ ----
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
21/tcp ALLOW Anywhere
20/tcp ALLOW Anywhere
22/tcp ALLOW Anywhere
3306/tcp ALLOW Anywhere
8080/tcp ALLOW Anywhere
8080/udp ALLOW Anywhere
8080 ALLOW Anywhere
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
21/tcp (v6) ALLOW Anywhere (v6)
20/tcp (v6) ALLOW Anywhere (v6)
22/tcp (v6) ALLOW Anywhere (v6)
3306/tcp (v6) ALLOW Anywhere (v6)
8080/tcp (v6) ALLOW Anywhere (v6)
8080/udp (v6) ALLOW Anywhere (v6)
8080 (v6) ALLOW Anywhere (v6)

----------------------------------------------------------------------3

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 37.187.28.254 0.0.0.0 UG 0 0 0 ens32
37.187.28.254 0.0.0.0 255.255.255.255 UH 0 0 0 ens32
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0

------------------------------------------------------------------------4

root@server:~# curl -v 145.239.***.2:443
* Trying 145.239.***.2:443...
* TCP_NODELAY set
* Connected to 145.239.***.2 (145.239.***.2) port 443 (#0)
> GET / HTTP/1.1
> Host: 145.239.***.2:443
> User-Agent: curl/7.68.0
> Accept: */*

>

^C

root@server:~# curl -v 145.239.***.2:8080/
* Trying 145.239.***.2:8080...
* TCP_NODELAY set
* Connected to 145.239.***.2 (145.239.***.2) port 8080 (#0)
> GET / HTTP/1.1
> Host: 145.239.***.2:8080
> User-Agent: curl/7.68.0
> Accept: */*

>

* Empty reply from server
* Connection #0 to host 145.239.***.2 left intact
curl: (52) Empty reply from server
