nginx与防火墙
碰到个很奇怪的问题,网络上找不到相关信息
公司有个网站,在阿里云上。以下为防火墙过滤信息
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080
3 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306
5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:11211
8 DROP icmp -- 0.0.0.0/0 0.0.0.0/0
9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23
11 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8009
12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:9000
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
正常的时候可以访问公司网站,但我使用iptables -P INPUT DROP后,我设置的nginx就无法通过upstream连接后端的服务。
1246#0: *140697 connect() to [::1]:8080 failed (101: Network is unreachable) while connecting to upstream, client: 180.153.206.22, server: www.cctvshow.com, request: "GET /static/assets/plugins/respond.min.js HTTP/1.1", upstream: "http://[::1]:8080/static/assets/plugins/respond.min.js", host: "www.cctvshow.com", referrer: "http://www.cctvshow.com/static/assets/plugins/respond.min.js"
求助。。。