django运行python manage.py runserver 0.0.0.0:8000成功但其他机子仍然无法访问问题终结
方法一:直接关闭防火墙(不建议,存在安全风险)
执行关闭防火墙命令
[root@gx-jkstore-4 ~]# service iptables stop
再测试发现可以成功访问。
ps:
重启防火墙命令:service iptables restart
开启防火墙命令:service iptables start
方法二:配置iptables文件
编辑iptables文件
[root@gx-jkstore-4 sysconfig]# vim iptables
ps:
这个配置文件的大概意思是:
ACCEPT允许所有数据
REJECT拒绝所有的数据
意思是除了3000/22/8000外的其他端口均拒绝执行tcp通信。
编辑iptables
// An highlighted block
[root@gx-jkstore-4 sysconfig]# vim iptables
# sample configuration for iptables service
# you can edit this manually or use system-config-firewall
# please do not ask us to add additional ports/services to this default configuration
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3000 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8000 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
重启防火墙
// An highlighted block
"iptables" 16L, 684C 已写入
[root@gx-jkstore-4 sysconfig]#
[root@gx-jkstore-4 sysconfig]#
[root@gx-jkstore-4 sysconfig]#
[root@gx-jkstore-4 sysconfig]# service iptables stop
Redirecting to /bin/systemctl stop iptables.service
[root@gx-jkstore-4 sysconfig]# service iptables restart
Redirecting to /bin/systemctl restart iptables.service
[root@gx-jkstore-4 sysconfig]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3000
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8000
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited