不能从其他机器访问RHEL5.5上的Tomcat 6
在RHEL5上安装了tomcat6, 启动之后,本机可以访问,但从其他机器访问不了,原来是iptables的问题。1.环境:
vmware workstation 7.1.2 build-301548
RedHat Enterprise Linux 5.5
apache-tomcat-6.0.30
jdk1.6.0_22
2.问题描述:
在RHEL5上安装了tomcat6, 启动之后,本机可以访问,但从其他机器访问不了。
3.RHEL5安装后默认的ittables规则:
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUTall--anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUTall--anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all--anywhere anywhere
ACCEPT icmp --anywhere anywhere icmp any
ACCEPT esp--anywhere anywhere
ACCEPT ah --anywhere anywhere
ACCEPT udp--anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp--anywhere anywhere udp dpt:ipp
ACCEPT tcp--anywhere anywhere tcp dpt:ipp
ACCEPT all--anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp--anywhere anywhere state NEW tcp dpt:ssh
REJECT all--anywhere anywhere reject-with icmp-host-prohibited
4.解决办法:
删除当前INPUT链上的规则
iptables -F INPUT
增加两条INPUT链上规则,针对tcp的80和8080端口(8080是tomcat的默认端口)
iptables -A INPUT -p tcp -s 0/0 --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -s 0/0 --dport 8080 -j ACCEPT
页:
[1]