如何访问虚拟机中的Web服务

需求：

1、在虚拟机Vmware中安装了CentOS6.5，虚拟机使用NAT的方式；
2、在CentOS中安装了APACHE 并且使用 http://192.168.237.128可以正常访问；
3、想在其他windows机器上访问该虚拟机的web服务。

解决办法：

1. 开放Linux防火墙，允许80端口的访问

1）检查防火墙

[root@hadoop1 sbin]# iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination 

2）在 /etc/sysconfig/iptables 添加
-A INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT
这样就允许了80端口的访问

[root@hadoop1 sysconfig]# cat iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

3）重启iptables服务

[root@hadoop1 sysconfig]# service iptables restart
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]
[root@hadoop1 sysconfig]# iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source     destination         
ACCEPT     all  --  anywhere   anywhere   state RELATED,ESTABLISHED 
ACCEPT     icmp --  anywhere   anywhere            
ACCEPT     all  --  anywhere   anywhere            
ACCEPT     tcp  --  anywhere   anywhere   state NEW tcp dpt:ssh 
REJECT     all  --  anywhere   anywhere   reject-with icmp-host-prohibited 
ACCEPT     tcp  --  anywhere   anywhere   state NEW tcp dpt:http 

Chain FORWARD (policy ACCEPT)
target     prot opt source     destination         
REJECT     all  --  anywhere   anywhere   reject-with icmp-host-prohibited 

Chain OUTPUT (policy ACCEPT)
target     prot opt source     destination         
[root@hadoop1 sysconfig]# 

2. VMware的NAT设置

选择VMware的Edit -> Virtual Network Editor -> NAT（选择VMnet8）->Edit->Port Forwarding中添加映射
host port：80，virtual machine IP address:192.168.237.128，Port：80

3. 设置windows防火墙

window下进入控制面板->windows防火墙->高级->设置VMware Network Adapter VMnet8->Web 服务器（HTTP）->将虚拟机的ip加入：192.168.237.128