linux iptables防火墙问题?无法从php连接到elasticsearch在集群中找不到活动节点

pb3s4cty  于 2021-06-10  发布在  ElasticSearch
关注(0)|答案(0)|浏览(471)

一切正常,但我添加了一些防火墙和iptables和服务器消失:))
不,我对elastticsearch在本地(服务器上)有问题,一切正常(curl返回数据正常),但似乎php无法在端口上连接,elasticsearch错误与elastic关闭或无法连接一样:在集群中找不到活动节点
哪里有问题?谢谢

netstat -a -o -n | grep LISTEN
tcp        0      0 0.0.0.0:11211           0.0.0.0:*               LISTEN      off (0.00/0/0)
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      off (0.00/0/0)
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      off (0.00/0/0)
tcp6       0      0 :::7786                 :::*                    LISTEN      off (0.00/0/0)
tcp6       0      0 :::3306                 :::*                    LISTEN      off (0.00/0/0)
tcp6       0      0 :::11211                :::*                    LISTEN      off (0.00/0/0)
tcp6       0      0 :::7788                 :::*                    LISTEN      off (0.00/0/0)
tcp6       0      0 :::111                  :::*                    LISTEN      off (0.00/0/0)
tcp6       0      0 :::80                   :::*                    LISTEN      off (0.00/0/0)
tcp6       0      0 127.0.0.1:9200          :::*                    LISTEN      off (0.00/0/0)
tcp6       0      0 127.0.0.1:9300          :::*                    LISTEN      off (0.00/0/0)
tcp6       0      0 :::21                   :::*                    LISTEN      off (0.00/0/0)
tcp6       0      0 :::22                   :::*                    LISTEN      off (0.00/0/0)
tcp6       0      0 :::443                  :::*                    LISTEN      keepalive (0.85/0/0)
unix  2      [ ACC ]     STREAM     LISTENING     9729     /run/systemd/private
unix  2      [ ACC ]     STREAM     LISTENING     13343    /run/systemd/journal/stdout
unix  2      [ ACC ]     SEQPACKET  LISTENING     21564    /run/udev/control
unix  2      [ ACC ]     STREAM     LISTENING     40079    /var/lib/mysql/mysql.sock
unix  2      [ ACC ]     STREAM     LISTENING     21635    /run/lvm/lvmpolld.socket
unix  2      [ ACC ]     STREAM     LISTENING     22167    /var/run/abrt/abrt.socket
unix  2      [ ACC ]     STREAM     LISTENING     21708    /run/lvm/lvmetad.socket
unix  2      [ ACC ]     STREAM     LISTENING     20702    /var/run/lsm/ipc/sim
unix  2      [ ACC ]     STREAM     LISTENING     20704    /var/run/lsm/ipc/simc
unix  2      [ ACC ]     STREAM     LISTENING     10723    /var/run/rpcbind.sock
unix  2      [ ACC ]     STREAM     LISTENING     10727    /var/run/dbus/system_bus_socket
iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N FORWARD_IN_ZONES
-N FORWARD_IN_ZONES_SOURCE
-N FORWARD_OUT_ZONES
-N FORWARD_OUT_ZONES_SOURCE
-N FORWARD_direct
-N FWDI_public
-N FWDI_public_allow
-N FWDI_public_deny
-N FWDI_public_log
-N FWDO_public
-N FWDO_public_allow
-N FWDO_public_deny
-N FWDO_public_log
-N INPUT_ZONES
-N INPUT_ZONES_SOURCE
-N INPUT_direct
-N IN_public
-N IN_public_allow
-N IN_public_deny
-N IN_public_log
-N OUTPUT_direct
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j INPUT_direct
-A INPUT -j INPUT_ZONES_SOURCE
-A INPUT -j INPUT_ZONES
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -j FORWARD_direct
-A FORWARD -j FORWARD_IN_ZONES_SOURCE
-A FORWARD -j FORWARD_IN_ZONES
-A FORWARD -j FORWARD_OUT_ZONES_SOURCE
-A FORWARD -j FORWARD_OUT_ZONES
-A FORWARD -m conntrack --ctstate INVALID -j DROP
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -j OUTPUT_direct
-A FORWARD_IN_ZONES -g FWDI_public
-A FORWARD_OUT_ZONES -g FWDO_public
-A FWDI_public -j FWDI_public_log
-A FWDI_public -j FWDI_public_deny
-A FWDI_public -j FWDI_public_allow
-A FWDI_public -p icmp -j ACCEPT
-A FWDO_public -j FWDO_public_log
-A FWDO_public -j FWDO_public_deny
-A FWDO_public -j FWDO_public_allow
-A INPUT_ZONES -g IN_public
-A IN_public -j IN_public_log
-A IN_public -j IN_public_deny
-A IN_public -j IN_public_allow
-A IN_public -p icmp -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 9200 -m conntrack --ctstate NEW -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 9300 -m conntrack --ctstate NEW -j ACCEPT

同时停止在java应用程序中使用反向代理

<VirtualHost *:80>
    ServerName example.com
    ProxyPass / http://127.0.0.1:7735/
    ProxyPassReverse / http://127.0.0.1:7735/
    RewriteEngine on
</VirtualHost>

而且php连接到mysql跨主机127.0.0.1也不起作用,但是从php跨localhost连接是可以的

暂无答案!

目前还没有任何答案,快来回答吧!

相关问题