linux系统如何修改端口号

合集下载
相关主题
  1. 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
  2. 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
  3. 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。

一、修改/etc/httpd/conf/httpd.conf文件中的监听端口号

Listen 80

把80修改成需要的号,如8000,即

Listen 8000
二、查看SELinux下http相关端口

# semanage port -l|grep http
http_cache_port_t tcp 3128, 8080, 8118, 10001-10010
http_cache_port_t udp 3130
http_port_t tcp 80, 443, 488, 8008, 8009, 8443
pegasus_http_port_t tcp 5988
pegasus_https_port_t tcp 5989

发现8000不在其范围之内,所以需要另外添加,方法如下:

# semanage port -a -t http_port_t -p tcp 8000

再次查看,

# semanage port -l|grep http
http_cache_port_t tcp 3128, 8080, 8118, 10001-10010
http_cache_port_t udp 3130
http_port_t tcp 8000, 80, 443, 488, 8008, 8009, 8443
pegasus_http_port_t tcp 5988
pegasus_https_port_t tcp 5989

三、在防火墙中开放新添加的端口

修改/etc/sysconfig/iptables文件,在文件中添加如一行:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 8008 -j ACCEPT

四、重启防火墙和Apache

# service iptables restart

# service httpd restart

五、正常情况下,应该可以通过新端口访问WEB服务了。

注:

1、第二、三、四步骤是在系统已经开启SELinux和防火墙的情况下设置的,如果已经关闭此两个服务,修改端口后直接重启Apache即可;

2、修改的端口号可以是执行#semanage port -l|grep http后,默认已经有的端口,如8443,这样可以省略额外添加SELinux端口操作;

3、第三步操作可以图形界面下完成。

参考资料

1、Permission denied: make_sock: could not bind to address

/2009/07/permission-denied-makesock-could-not.html

不熟悉python、plone、zope,想用apache。80端口已经不在,就征用81端口凑合吧。修改httpd.conf后apachectl start,结果:
(13)Permission denied: make_sock: could not bind to address [::]:81
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:81

查一下SELinux下http相关端口 semanage port -l|grep http,结果:
http_cache_port_t tcp 3128, 8080, 8118, 10001-10010
http_cache_port_t udp 3130
http_port_t tcp 80, 443, 488, 8008, 8009, 8443
pegasus_http_port_t tcp 5988
pegasus_https_port_t tcp 5989

直接用man semanage最后例子中的一句
# Allow Apache to listen on port 81
semanage port -a -t http_port_t -p tcp 81
然后再apachectl start,OK。使用域名:81能够访问啦。

注:semanage
semanage is used to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources. This includes the mapping from Linux usernames to SELinux user identities (which controls the initial security context assigned to Linux users when they login and bounds their authorized role set) as well as

security context mappings for various kinds of objects, such as network ports, interfaces, and nodes(hosts) as well as the file context mapping. See the EXAMPLES section below for some examples of common usage. Note that the semanage login command deals with the mapping from Linux usernames (logins) to SELinux user identities, while the semanage user command deals with the mapping from SELinux user identities to authorized role sets. In most cases, only the former mapping needs to be adjusted by the administrator; the latter is principally defined by the base policy and usually does not require modification.

2、linux 下apche无法监听端口解决办法

/blog/fxs_2008/archive/2010/07/05/187.html

想建立一个测试用的虚拟主机,遇到了这个问题:
[root@localhost html]# service httpd start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.termwikidev for ServerName
(13)Permission denied: make_sock: could not bind to address [::]:81
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:81
no listening sockets available, shutting down
Unable to open logs

解决办法:

semanage port -l|grep http
semanage port -a -t http_port_t -p tcp 81

这个两个命令一是查看,一个是添加,添加完再查看一遍,如果有81,则成功。另可能要以root用户运行。

此外,如果要外网访问,还要打开linux的防火墙:

[root@localhost html]# vim /etc/sysconfig/iptables
[root@localhost html]# service iptables restart

重启apache.



相关文档
最新文档