文章目录
- 1.测试TCP和UDP端口连接状态
- 1.1.查找命令是由那个软件包提供的
- 1.2.安装测试端口所需的命令
- 1.3.安装所需测试的应用
- 1.4.启动服务
- 1.5.查看端口
- 1.6.测试TCP端口
- 1.7.测试UDP端口
- 1.8.关闭 nginx 服务
- 1.9.开启防火墙测试161端口
- 报错信息
1.测试TCP和UDP端口连接状态
准备环境
| 系统 | IP | 测试端口 | 机器 | 主机名 |
|---|---|---|---|---|
| CentOS Linux | 192.168.192.11 | 主机 | node1 | |
| CentOS Linux | 192.168.192.12 | 80[TCP] 161[UDP] 3306[TCP] 69[UDP] | 目标主机 | node2 |
测试主机与目标端口的网络是否通畅
两台主机的防火墙跟SELinux已关闭
1.1.查找命令是由那个软件包提供的
# 查找 telnet 命令有那个软件包提供的
[root@node1 ~]# yum -y provides telnet # 或者 yum -y provides *bin/telnet
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile* base: ftp.sjtu.edu.cn* epel: ftp.riken.jp* extras: ftp.sjtu.edu.cn* updates: ftp.sjtu.edu.cn
1:telnet-0.17-65.el7_8.x86_64 : The client program for the Telnet remote login protocol
Repo : base1:telnet-0.17-66.el7.x86_64 : The client program for the Telnet remote login protocol
Repo : updates[root@node1 ~]# # 查找 nc 命令有那个软件包提供的
[root@node1 ~]# yum -y provides nc
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile* base: ftp.sjtu.edu.cn* extras: ftp.sjtu.edu.cn* updates: ftp.sjtu.edu.cn
2:nmap-ncat-6.40-19.el7.x86_64 : Nmap's Netcat replacement
Repo : base
Matched from:
Provides : nc[root@node1 ~]#
1.2.安装测试端口所需的命令
[root@node1 ~]# yum -y install telnet nmap
1.3.安装所需测试的应用
[root@node2 ~]# yum -y install nginx net-snmp tftp tftp-server
# mysql 的安装不在这里写了,如果需要请别我的安装mysql文档
1.4.启动服务
[root@node2 ~]# systemctl start snmpd
[root@node2 ~]#
[root@node2 ~]# systemctl status snmpd
● snmpd.service - Simple Network Management Protocol (SNMP) Daemon.Loaded: loaded (/usr/lib/systemd/system/snmpd.service; disabled; vendor preset: disabled)Active: active (running) since Sat 2023-08-19 13:54:47 CST; 5s agoMain PID: 2208 (snmpd)CGroup: /system.slice/snmpd.service└─2208 /usr/sbin/snmpd -LS0-6d -fAug 19 13:54:47 node2 systemd[1]: Starting Simple Network Management Protocol (SNMP) Daemon....
Aug 19 13:54:47 node2 snmpd[2208]: NET-SNMP version 5.7.2
Aug 19 13:54:47 node2 systemd[1]: Started Simple Network Management Protocol (SNMP) Daemon..
[root@node2 ~]# [root@node2 ~]# systemctl start nginx
[root@node2 ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy serverLoaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)Active: active (running) since Sat 2023-08-19 13:35:21 CST; 20min agoMain PID: 1900 (nginx)CGroup: /system.slice/nginx.service├─1900 nginx: master process /usr/sbin/nginx├─1901 nginx: worker process├─1902 nginx: worker process└─1903 nginx: worker process
......省略[root@node2 ~]# systemctl start mysqld
[root@node2 ~]# systemctl status mysqld
● mysqld.service - MySQL ServerLoaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)Active: active (running) since Sat 2023-08-19 13:44:51 CST; 11min agoDocs: man:mysqld(8)
......省略N[root@node2 ~]# systemctl start tftp
[root@node2 ~]#
[root@node2 ~]# systemctl status tftp
● tftp.service - Tftp ServerLoaded: loaded (/usr/lib/systemd/system/tftp.service; indirect; vendor preset: disabled)Active: active (running) since Sat 2023-08-19 13:57:06 CST; 3s agoDocs: man:in.tftpdMain PID: 2221 (in.tftpd)CGroup: /system.slice/tftp.service└─2221 /usr/sbin/in.tftpd -s /var/lib/tftpbootAug 19 13:57:06 node2 systemd[1]: Started Tftp Server.
[root@node2 ~]#
1.5.查看端口
[root@node2 ~]# ss -antlp | grep 3306
LISTEN 0 70 [::]:33060 [::]:* users:(("mysqld",pid=2107,fd=22))
LISTEN 0 128 [::]:3306 [::]:* users:(("mysqld",pid=2107,fd=25))
[root@node2 ~]# [root@node2 ~]# ss -antlp | grep 80
LISTEN 0 128 *:80 *:* users:(("nginx",pid=1903,fd=6),("nginx",pid=1902,fd=6),("nginx",pid=1901,fd=6),("nginx",pid=1900,fd=6))
LISTEN 0 128 [::]:80 [::]:* users:(("nginx",pid=1903,fd=7),("nginx",pid=1902,fd=7),("nginx",pid=1901,fd=7),("nginx",pid=1900,fd=7))
[root@node2 ~]#[root@node2 ~]# ss -anulp | grep 161
UNCONN 0 0 *:161 *:* users:(("snmpd",pid=2208,fd=6))
[root@node2 ~]#
[root@node2 ~]# ss -anulp | grep 69
UNCONN 0 0 [::]:69 [::]:* users:(("in.tftpd",pid=2221,fd=0),("systemd",pid=1,fd=27))
[root@node2 ~]# [root@node2 ~]# ss -antlu
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 *:161 *:*
udp UNCONN 0 0 [::]:69 [::]:*
tcp LISTEN 0 128 127.0.0.1:199 *:*
tcp LISTEN 0 128 *:80 *:*
tcp LISTEN 0 128 *:22 *:*
tcp LISTEN 0 70 [::]:33060 [::]:*
tcp LISTEN 0 128 [::]:3306 [::]:*
tcp LISTEN 0 128 [::]:80 [::]:*
tcp LISTEN 0 128 [::]:22 [::]:*
[root@node2 ~]#
1.6.测试TCP端口
[root@node1 ~]# telnet 192.168.192.12 80
Trying 192.168.192.12...
Connected to 192.168.192.12. # 看到 Connected 表示192.168.192.12开通了80端口
Escape character is '^]'.
Connection closed by foreign host.
[root@node1 ~]# # 如果以上的命令看得不是很理解可以使用nmap命令
# nmap命令 – 网络探测及端口扫描工具[root@node1 ~]# nmap -p 80,3306,443 192.168.192.12 # 表示扫描80跟443端口Starting Nmap 6.40 ( http://nmap.org ) at 2023-08-19 14:08 CST
Nmap scan report for 192.168.192.12
Host is up (0.00030s latency).
PORT STATE SERVICE
80/tcp open http # open 表示打开了80 端口
443/tcp closed https # closed 表示关闭
3306/tcp open mysql
MAC Address: 00:0C:29:6A:EF:87 (VMware)Nmap done: 1 IP address (1 host up) scanned in 13.46 seconds
[root@node1 ~]# [root@node1 ~]# nc -vz 192.168.192.12 80
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.192.12:80.
Ncat: 0 bytes sent, 0 bytes received in 0.00 seconds.
[root@node1 ~]# # Ncat: 7.50版本(https://nmap.org/ncat)
# Ncat:连接192.168.192.12:80。
# Ncat:发送0字节,在0.00秒内接收0字节。
1.7.测试UDP端口
[root@node1 ~]# nmap -sU -p 161,69 192.168.192.12Starting Nmap 6.40 ( http://nmap.org ) at 2023-08-19 14:21 CST
Nmap scan report for 192.168.192.12
Host is up (0.00029s latency).
PORT STATE SERVICE
69/udp open|filtered tftp
161/udp open snmp
MAC Address: 00:0C:29:6A:EF:87 (VMware)Nmap done: 1 IP address (1 host up) scanned in 14.47 seconds
[root@node1 ~]# [root@node1 ~]# nc -vuz 192.168.192.12 161
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.192.12:161.
Ncat: UDP packet sent successfully # 看到successfully 表示成功
Ncat: 1 bytes sent, 0 bytes received in 2.01 seconds.
[root@node1 ~]#
以上都是测试成功的,现在模拟服务没有开启或者防火墙阻挡
1.8.关闭 nginx 服务
[root@node2 ~]# systemctl stop nginx# 到192.168.192.11 主机上测试
[root@node1 ~]# nc -vz 192.168.192.12 80
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connection refused. # 看到refused 表示拒绝连接
[root@node1 ~]#
[root@node1 ~]# nmap -p80,3306 192.168.192.12Starting Nmap 6.40 ( http://nmap.org ) at 2023-08-19 14:32 CST
Nmap scan report for 192.168.192.12
Host is up (0.00033s latency).
PORT STATE SERVICE
80/tcp closed http # 表示失败
3306/tcp open mysql # 表示成功
MAC Address: 00:0C:29:6A:EF:87 (VMware)Nmap done: 1 IP address (1 host up) scanned in 13.45 seconds
[root@node1 ~]#
1.9.开启防火墙测试161端口
[root@node2 ~]# systemctl start firewalld
[root@node2 ~]#
[root@node2 ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemonLoaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)Active: active (running) since Sat 2023-08-19 14:36:34 CST; 1min 27s agoDocs: man:firewalld(1)
......# 在node1测试 161 端口
[root@node1 ~]# nc -vuz 192.168.192.12 161
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.192.12:161.
Ncat: No route to host. # 表示失败
[root@node1 ~]#
[root@node1 ~]# nmap -sU -p 161 192.168.192.12Starting Nmap 6.40 ( http://nmap.org ) at 2023-08-19 14:39 CST
Nmap scan report for 192.168.192.12
Host is up (0.00028s latency).
PORT STATE SERVICE
161/udp filtered snmp
MAC Address: 00:0C:29:6A:EF:87 (VMware)Nmap done: 1 IP address (1 host up) scanned in 13.45 seconds
[root@node1 ~]# # 放行 161 端口
[root@node2 ~]# firewall-cmd --zone=public --add-port=161/udp --permanent
success
[root@node2 ~]# firewall-cmd --reload # 更新防火墙规则,不然不会生效
success# 查看端口是否开放
[root@node2 ~]# firewall-cmd --zone=public --query-port=161/udp
yes
[root@node2 ~]## 再次测试 161 端口
[root@node1 ~]# nc -vuz 192.168.192.12 161
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.192.12:161.
Ncat: UDP packet sent successfully # 成功
Ncat: 1 bytes sent, 0 bytes received in 2.01 seconds.
[root@node1 ~]#[root@node1 ~]# nmap -sU -p 161 192.168.192.12Starting Nmap 6.40 ( http://nmap.org ) at 2023-08-19 14:51 CST
Nmap scan report for 192.168.192.12
Host is up (0.00048s latency).
PORT STATE SERVICE
161/udp open snmp
MAC Address: 00:0C:29:6A:EF:87 (VMware)Nmap done: 1 IP address (1 host up) scanned in 13.46 seconds
[root@node1 ~]#
报错信息
安装 net-snmp 报错信息:
Error: Package: 1:net-snmp-agent-libs-5.7.2-49.el7_9.2.x86_64 (xxx)Requires: libmysqlclient.so.18()(64bit)
Error: Package: 1:net-snmp-5.7.2-49.el7_9.2.x86_64 (xxx)Requires: libmysqlclient.so.18()(64bit)
Error: Package: 1:net-snmp-agent-libs-5.7.2-49.el7_9.2.x86_64 (xxx)Requires: libmysqlclient.so.18(libmysqlclient_18)(64bit)You could try using --skip-broken to work around the problemYou could try running: rpm -Va --nofiles --nodigest
解决安装 net-snmp 报错
[root@node2 ~]# yum -y install https://repo.mysql.com/yum/mysql-8.0-community/el/7/x86_64/mysql-community-libs-compat-8.0.25-1.el7.x86_64.rpm
![linux学习(文件描述符)[13]](https://img-blog.csdnimg.cn/fe4a7f2569fe4ec0b160c19112c5bc69.png)
