2016-01-20 115 views
0

我已經建立了一個nginx服務器,它是端口80到http://127.0.0.1:3000的代理,但請求永遠不會通過。它只是無限的加載。我已嘗試sudo /sbin/iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT我試過sudo setsebool -P httpd_can_network_connect true。我也試過sudo setsebool -P httpd_can_network_connect false。我試過semanage port -a -t http_port_t -p tcp 80nginx服務器永遠不會解決

從須藤netstat的輸出-tulpn

Active Internet connections (only servers) 
Proto Recv-Q Send-Q Local Address   Foreign Address   State   PID/Program name  
tcp  0  0 0.0.0.0:80    0.0.0.0:*    LISTEN  13916/nginx: master 
tcp  0  0 0.0.0.0:22    0.0.0.0:*    LISTEN  1640/sshd   
tcp  0  0 127.0.0.1:25   0.0.0.0:*    LISTEN  1247/master   
tcp6  0  0 :::80     :::*     LISTEN  13916/nginx: master 
tcp6  0  0 :::22     :::*     LISTEN  1640/sshd   
tcp6  0  0 :::3000     :::*     LISTEN  14773/node   
tcp6  0  0 ::1:25     :::*     LISTEN  1247/master   
udp  0  0 0.0.0.0:68    0.0.0.0:*       484/dhclient   
udp  0  0 127.0.0.1:323   0.0.0.0:*       451/chronyd   
udp  0  0 0.0.0.0:1510   0.0.0.0:*       484/dhclient   
udp6  0  0 ::1:323     :::*        451/chronyd   
udp6  0  0 :::1458     :::*          484/dhclient 

輸出iptables -L

Chain INPUT (policy ACCEPT) 
target  prot opt source    destination   
ACCEPT  tcp -- anywhere    anywhere    tcp dpt:http 

Chain FORWARD (policy ACCEPT) 
target  prot opt source    destination   

Chain OUTPUT (policy ACCEPT) 
target  prot opt source    destination 

nginx的配置:

# For more information on configuration, see: 
# * Official English Documentation: http://nginx.org/en/docs/ 
# * Official Russian Documentation: http://nginx.org/ru/docs/ 

user nginx; 
worker_processes 4; 
error_log /var/log/nginx/error.log; 
pid /run/nginx.pid; 
#set open file descriptor limit to 30000 
#worker_rlimit_nofile 30000; 
events { 
    worker_connections 1024; 
    #worker_processes = 4; 
} 


http { 
    log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 
         '$status $body_bytes_sent "$http_referer" ' 
         '"$http_user_agent" "$http_x_forwarded_for"'; 

    access_log /var/log/nginx/access.log main; 

    sendfile   on; 
    tcp_nopush   on; 
    tcp_nodelay   on; 
    keepalive_timeout 65; 
    types_hash_max_size 2048; 

    include    /etc/nginx/mime.types; 
    default_type  application/octet-stream; 

    upstream dashboard { 
     server 127.0.0.1:3000; 
    } 
    # Load modular configuration files from the /etc/nginx/conf.d directory. 
    # See http://nginx.org/en/docs/ngx_core_module.html#include 
    # for more information. 
    # include /etc/nginx/conf.d/*.conf; 
    server { 
     listen  80 default_server; 
     listen  [::]:80 default_server; 
     server_name ec2-x-x-x-x.compute-1.amazonaws.com; 
     #root  /home/ec2-user/dashboard; 

     # Load configuration files for the default server block. 
     # include /etc/nginx/default.d/*.conf; 


     location/{ 
     proxy_pass http://127.0.0.1:3000; 
     } 

    } 
} 

回答

1

您可以使用audit2why和audit2allow 喜歡的東西(CentOS的風格) :

tail -1000 /var/log/auditd/audit.log | grep nginx | audit2why 

當然,你可以檢查,如果後端是活着curl localhost:3000