如何通过IPtables访问虚拟机中的Seafile服务器?
[英]How to access Seafile server in a virtual machine through IPtables?
问题描述
I have installed Seafile-server 3.0.4 64bit on a Ubuntu-server 14.04 with default ports settings ( ie 8000 , 8082 , 10001 , 12001 ) but fail to access the instance with the client. 
我已经安装了Seafile服务器 3.0.4 64bit Ubuntu的服务器上14.04的默认端口设置( 即 8000 , 8082 , 10001 , 12001 ),但无法与客户端访问实例。
Infrastructure 基础设施
The Ubuntu-server is running as a KVM machine on a Gentoo host. Ubuntu-server在Gentoo主机上作为KVM计算机运行。
Iptables rules iptables规则
After some time I add the following Iptables rules to the host machine ( gentoo ), that seems to match the Seafile 's requirements: 一段时间后,我将以下Iptables规则添加到主机( gentoo ),该规则似乎符合Seafile的要求:
#Iptables-Rules for Seafile
iptables -A INPUT -p tcp -m multiport --dports 8000,8082,10001,12001 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A output -p tcp -m multiport --sports 8000,8082,10001,12001 -m state --state ESTABLISHED -j ACCEPT
However I'm still unable to connect even with telnet to the seafile-server either from Internet or the host machine. 但是,即使是telnet ,我仍然无法从Internet或主机连接到seafile-server。
Update: issue might be related to fail2ban 更新:问题可能与fail2ban有关
1 个解决方案
解决方案1
0 已采纳 2014-07-23 08:37:48
As I'm using NAT to link my virtual machine to my host, I had to edit the rules as follow to get it to work: 当我使用NAT将虚拟机链接到主机时,我必须按如下所述编辑规则以使其正常工作:
#Iptables-Rules for Seafile
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 10001 -j DNAT --to 192.168.8.8:10001
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 12001 -j DNAT --to 192.168.8.8:12001
References 参考文献
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.