时间:2023-02-23 09:11:13 | 栏目:Linux | 点击:次
前言
不论是要启动,还是要关闭tomcat服务,都是要去到tomcat安装目录下的bin路径,当然你要是电脑关机自然是不需要的。
但最近在启动后发现了一个问题:Centos服务器,本地和服务器ip互ping正常(本机ping服务器,服务器ping本地),但是服务器上部署好tomcat后,本机却无法通过浏览器访问服务器tomcat的8080端口.
比如服务器公网ip为:123.123.123.123,启动tomcat后默认端口为8080,通过123.123.123.123:8080访问时,无法访问tomcat默认页面.考虑是服务器防火墙的问题.
确认tomcat已开启
$ ps -ef|grep tomcat
控制台输出,表明tomcat已处于开启状态
root 1428 1 0 Dec08 ? 00:02:16 /usr/local/java/jdk1.8.0_152/jre/bin/java -Djava.util.logging.config.file=/usr/local/java/tomcat8/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -classpath /usr/local/java/tomcat8/bin/bootstrap.jar:/usr/local/java/tomcat8/bin/tomcat-juli.jar -Dcatalina.base=/usr/local/java/tomcat8 -Dcatalina.home=/usr/local/java/tomcat8 -Djava.io.tmpdir=/usr/local/java/tomcat8/temp org.apache.catalina.startup.Bootstrap start root 4932 4069 0 09:16 pts/0 00:00:00 grep --color=auto tomcat
如果tomcat未开启,则通过tomcat的startup.sh命令开启,直接输入文件所在的路径即可.
$ /usr/local/java/tomcat8/bin/startup.sh
控制台输出:
[root@izbp109iqt20o2h63tpcuvz ~]# /usr/local/java/tomcat8/bin/startup.sh Using CATALINA_BASE: /usr/local/java/tomcat8 Using CATALINA_HOME: /usr/local/java/tomcat8 Using CATALINA_TMPDIR: /usr/local/java/tomcat8/temp Using JRE_HOME: /usr/local/java/jdk1.8.0_152/jre Using CLASSPATH: /usr/local/java/tomcat8/bin/bootstrap.jar:/usr/local/java/tomcat8/bin/tomcat-juli.jar Tomcat started.
Tomcat started.表明tomcat已开启成功!
配置防火墙
编辑防火墙配置
$ vi /etc/sysconfig/iptables
添加8080端口的防火墙,允许访问.
*filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited
注意!非常关键:端口的配置必须要在如下配置的上方,放在下方无效.
-A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited
输入i开始编辑,ESC键结束编辑,WQ保存并退出.
重启防火墙
$ service iptables restart
之后就可以在本机通过浏览器访问123.123.123.123:8080,就可以正常看到tomcat的默认欢迎页面了.
总结
参考链接:http://blog.csdn.net/itzhangdaopin/article/details/62044620