nginx正向代理
配置访问权限使得172.16.121.217只能被172.16.121.216访问
修改/etc/nginx/nginx.conf配置文件
location / {
if ( $remote_addr !~* "^172\.16\.121\.216") {
return 403;
}
}
测试访问
修改172.16.121.216配置文件 配置216正向代理172.16.121.217
listen 81;
resolver 8.8.8.8;
location / {
proxy_pass http://172.16.121.217:81$request_uri;
}
}
修改windows internet属性
测试使用216访问可以看到217的网页
nginx反向代理
在172.16.121.217虚拟机上配置反向代理172.16.121.216:8080
在nginx.conf配置文件中加入反向代理
server
{
listen 8080;
server_name mail.test.com;
default_type ‘text/html’;
charset utf-8;
index index.php index.html index.htm;
root /usr/local/nginx/html/;
location ~ / {
proxy_pass http://172.16.121.216:8080$request_uri;
}
}
这里要将之前的正向代理限制访问先注释掉
# location / {
# if ( $remote_addr !~* "^172\.16\.121\.216") {
# return 403;
# }
# }
查看端口
[root@wjh ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 2406/nginx: master
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 2406/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1104/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1660/master
tcp6 0 0 :::22 :::* LISTEN 1104/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1660/master
在172.16.121.216中的nginx.conf配置文件中加入8080端口
server {
root /usr/local/nginx/html/;
index index.html index.html;
listen 8080;
}
查看一下端口
[root@wjh ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 2371/nginx: master
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 2371/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1098/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1498/master
tcp6 0 0 :::22 :::* LISTEN 1098/sshd
tcp6 0 0 ::1:25 :::*
测试217跳转是否成功