我有一个运行CentOS 7的Google计算,我写了一个快速测试,试图通过端口9000(从家用PC)与之通信-但我出乎意料地遇到了网络错误。
这既发生在我的测试脚本(尝试发送有效负载)中,甚至发生在plink.exe(我仅用于检查端口可用性的情况下。)>
>plink.exe -v -raw -P 9000 <external_IP>
Connecting to <external_IP> port 9000
Failed to connect to <external_IP>: Network error: Connection refused
Network error: Connection refused
FATAL ERROR: Network error: Connection refused
我已将我的外部IP添加到Google防火墙(https://console.cloud.google.com/networking/firewalls),并设置为允许通过端口9000的入口流量(其最低优先级,为1000)
我还更新了CentOS中的firewalld以允许通过端口的TCP流量:
Redirecting to /bin/systemctl start firewalld.service
[foo@bar ~]$ sudo firewall-cmd --zone=public --add-port=9000/tcp --permanent
success
[foo@bar ~]$ sudo firewall-cmd --reload
success
[foo@bar ~]$ netstat -npae | grep 9000
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 1000 18381 1201/python3
我想念什么吗?
注意:实际的外部IP替换为<external_IP>占位符
更新:如果我通过本地IP(例如127.0.0.1)通过CentOS 7计算实例通过端口9000映射侦听器,则会得到一些结果。有趣的是,如果我通过服务器外部IP(nadda)进行相同的nmap调用。所以这必须是防火墙,对吗?
外部呼叫
[foo@bar~]$ nmap <external_IP> -Pn Starting Nmap 6.40 ( http://nmap.org ) at 2020-05-25 00:33 UTC Nmap scan report for <external_IP>.bc.googleusercontent.com (<external_IP>) Host is up (0.00043s latency). Not shown: 998 filtered ports PORT STATE SERVICE 22/tcp open ssh 3389/tcp closed ms-wbt-server Nmap done: 1 IP address (1 host up) scanned in 4.87 seconds内部通话
[foo@bar~]$ nmap 127.0.0.1 -Pn
Starting Nmap 6.40 ( http://nmap.org ) at 2020-05-25 04:36 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.010s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
9000/tcp open cslistener
Nmap done: 1 IP address (1 host up) scanned in 0.10 seconds
我有一个运行CentOS 7的Google计算,我写了一个快速测试,试图通过端口9000(从家用PC)与之通信-但我出乎意料地遇到了网络错误。这都发生...
在这种情况下,在后端VM上运行的软件必须正在侦听任何IP(0.0.0.0或:: :),您正在侦听“ 127.0.0.1:9000”,而它应该是“ 0.0.0.0:9000”。