(tcp) failed: No route to host

1 Problem

root@zetawiki:~# nc -vz 135.79.246.80 22
Connection to 135.79.246.80 22 port [tcp/ssh] succeeded!
root@zetawiki:~# nc -vz 135.79.246.80 8080
nc: connect to 135.79.246.80 port 8080 (tcp) failed: No route to host

2 Server-side check

root@server1:~# netstat -tnlp | grep 8080
tcp6       0      0 :::8080                 :::*                    LISTEN      30172/apache2
root@server1:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
RH-Firewall-1-INPUT  all  --  anywhere             anywhere            

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
RH-Firewall-1-INPUT  all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere             icmp any
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:ftp-data
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:smtp
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:pop3
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:imap2
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpts:50001:50005
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

3 Server-side fix

  • ★Caution★ This removes every firewall rule, so the server may be left vulnerable from a security standpoint.
root@server1:~# iptables -F
root@server1:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain RH-Firewall-1-INPUT (0 references)
target     prot opt source               destination

4 Verification

root@zetawiki:~# nc -vz 135.79.246.80 22
Connection to 135.79.246.80 22 port [tcp/ssh] succeeded!
root@zetawiki:~# nc -vz 135.79.246.80 8080
Connection to 135.79.246.80 8080 port [tcp/http-alt] succeeded!
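
Why port 8080 fails in section 2, and a narrower fix than the `iptables -F` in section 3, as an added example (not part of the original page): the chain's final REJECT answers with ICMP host-prohibited, which the client reports as "No route to host", so the script finds the rule that decides a given port and prints one ACCEPT rule to insert just before it. The rule text is constructed `iptables -S` output matching the listing in section 2 (the loopback-only first rule is an assumption), and `port_verdict` / `suggest_fix` are hypothetical helper names.

```shell
# Constructed sample: what `iptables -S RH-Firewall-1-INPUT` would print for the
# chain listed in section 2. Assumption: the first ACCEPT is loopback-only
# (`iptables -L` without -v hides the interface column).
SAMPLE_RULES='-N RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 143 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 50001:50005 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited'

# Print "<target> <rule number>" for the first rule that decides a NEW TCP
# connection to PORT from a non-loopback interface. Reads `iptables -S` on stdin.
port_verdict() {  # usage: port_verdict PORT
  awk -v port="$1" '
    $1 != "-A" { next }                        # skip -N/-P lines
    { n++; proto = "all"; iface = dport = state = target = ""
      for (i = 3; i < NF; i++) {
        if ($i == "-p") proto = $(i+1);  if ($i == "-i") iface = $(i+1)
        if ($i == "--dport") dport = $(i+1); if ($i == "--state") state = $(i+1)
        if ($i == "-j") target = $(i+1)
      } }
    iface == "lo" || (proto != "all" && proto != "tcp") { next }
    state != "" && state !~ /NEW/ { next }
    dport != "" { split(dport, r, ":"); min = r[1]; max = (r[2] == "" ? r[1] : r[2])
                  if (port + 0 < min + 0 || port + 0 > max + 0) next }
    target ~ /^(ACCEPT|REJECT|DROP)$/ { print target, n; exit }'
}

# Print a targeted rule to insert just before the blocking REJECT/DROP,
# instead of flushing the whole ruleset; prints nothing if already accepted.
suggest_fix() {  # usage: suggest_fix CHAIN PORT
  verdict=$(port_verdict "$2")
  case "$verdict" in REJECT*|DROP*)
    echo "iptables -I $1 ${verdict#* } -p tcp -m state --state NEW -m tcp --dport $2 -j ACCEPT" ;;
  esac
}

# Live use on the server: iptables -S RH-Firewall-1-INPUT | suggest_fix RH-Firewall-1-INPUT 8080
printf '%s\n' "$SAMPLE_RULES" | port_verdict 8080
printf '%s\n' "$SAMPLE_RULES" | suggest_fix RH-Firewall-1-INPUT 8080
```

Inserting at the REJECT rule's position keeps every existing rule and the final reject in place, so only TCP port 8080 is opened.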
