node.js - nginx 访问不了非80端口

Answer 1

"2017.1.6 update starts"

Do you want to reverse proxy node service through nginx?

If yes, please delete the root information:

root /usr/web;

"2017.1.6 update ends"

First of all, your nginx configuration is fine, but it can be modified into the following format:

server {

  listen 8089;
  root /usr/web;

  location / {

    index index.html;
    proxy_pass http://127.0.0.1:3000;

   }

}

Then please confirm that your nginx is running through the following command:

[root@centos-test ~]# ps -aux | grep nginx
root      1376  0.0  0.5 122948  5128 ?        Ss   19:02   0:00 nginx: master process nginx
nginx     1406  0.0  0.3 123180  3616 ?        S    19:03   0:00 nginx: worker process
nginx     1407  0.0  0.4 123180  4100 ?        S    19:03   0:00 nginx: worker process
root      1410  0.0  0.0 112664   932 pts/0    R+   19:03   0:00 grep --color=auto nginx

You can also confirm that your nginx is listening to the correct port through the following command:

[root@centos-test ~]# netstat -anp | grep 8089
tcp        0      0 0.0.0.0:8089            0.0.0.0:*               LISTEN      1376/nginx: master  
tcp        0      0 10.1.1.118:8089         10.1.1.66:54931         ESTABLISHED 1407/nginx: worker  
tcp        0      0 10.1.1.118:8089         10.1.1.66:54932         ESTABLISHED 1407/nginx: worker

If nginx is confirmed to be running normally, please confirm that iptables is in the release state through the following command:

[root@centos-test ~]# iptables -L -vn

It should be noted that iptables contains a REJECT rule in the FORWARD chain in the default state:

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

You can delete it with the following command:

#先显示规则行数
[root@centos-test ~]# iptables -L -vn --line-number

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

#然后删除该规则
[root@centos-test ~]# iptables -D FORWARD 1

#保存并重新加载
[root@centos-test ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
[root@centos-test ~]# service iptables reload
Redirecting to /bin/systemctl reload  iptables.service

It should be noted here that the default rule for the INPUT chain in your iptables is ACCEPT, and there is no need to manually add release rules.

If nginx cannot be accessed yet, please check whether the proxy_pass server is running normally.

Answer 2

Did nginx not restart?

Answer 3

Can I access the direct public network IP: 3000?
What about the log information that nginx cannot access?
What about the log information of apache?

Answer 4

service iptables stop 

Turn off the firewall or add corresponding port rules