linux下启动tomcat后,浏览器无法访问

Centos服务器,本地和服务器ip互ping正常(本机ping服务器,服务器ping本地),但是服务器上部署好tomcat后,本机却无法通过浏览器访问服务器tomcat的8080端口.

比如服务器公网ip为:123.123.123.123,启动tomcat后默认端口为8080,通过123.123.123.123:8080访问时,无法访问tomcat默认页面.考虑是服务器防火墙的问题.

确认tomcat已开启

1
$ ps -ef|grep tomcat

控制台输出,表明tomcat已处于开启状态

1
2
root      1428     1  0 Dec08 ?        00:02:16 /usr/local/java/jdk1.8.0_152/jre/bin/java -Djava.util.logging.config.file=/usr/local/java/tomcat8/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -classpath /usr/local/java/tomcat8/bin/bootstrap.jar:/usr/local/java/tomcat8/bin/tomcat-juli.jar -Dcatalina.base=/usr/local/java/tomcat8 -Dcatalina.home=/usr/local/java/tomcat8 -Djava.io.tmpdir=/usr/local/java/tomcat8/temp org.apache.catalina.startup.Bootstrap start
root 4932 4069 0 09:16 pts/0 00:00:00 grep --color=auto tomcat

如果tomcat未开启,则通过tomcat的startup.sh命令开启,直接输入文件所在的路径即可.

1
$ /usr/local/java/tomcat8/bin/startup.sh

控制台输出:

1
2
3
4
5
6
7
[root@izbp109iqt20o2h63tpcuvz ~]# /usr/local/java/tomcat8/bin/startup.sh 
Using CATALINA_BASE: /usr/local/java/tomcat8
Using CATALINA_HOME: /usr/local/java/tomcat8
Using CATALINA_TMPDIR: /usr/local/java/tomcat8/temp
Using JRE_HOME: /usr/local/java/jdk1.8.0_152/jre
Using CLASSPATH: /usr/local/java/tomcat8/bin/bootstrap.jar:/usr/local/java/tomcat8/bin/tomcat-juli.jar
Tomcat started.

Tomcat started.表明tomcat已开启成功!

配置防火墙

编辑防火墙配置

1
$ vi /etc/sysconfig/iptables

添加8080端口的防火墙,允许访问.

1
2
3
4
5
6
7
8
9
10
11
12
13
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited

注意!非常关键:端口的配置必须要在如下配置的上方,放在下方无效.

1
2
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited

输入i开始编辑,ESC键结束编辑,WQ保存并退出.

重启防火墙

1
$ service iptables restart

之后就可以在本机通过浏览器访问123.123.123.123:8080,就可以正常看到tomcat的默认欢迎页面了.

(完)

参考链接:

http://blog.csdn.net/itzhangdaopin/article/details/62044620

坚持原创技术分享,您的支持将鼓励我继续创作!