Article directory
1. Test the connection status of TCP and UDP ports
prepare the environment
system | IP | test port | machine | CPU name |
---|---|---|---|---|
CentOS Linux | 192.168.192.11 | the host | node1 | |
CentOS Linux | 192.168.192.12 | 80[TCP] 161[UDP] 3306[TCP] 69[UDP] |
target host | node2 |
Test whether the network between the host and the target port is smooth
The firewall and SELinux of the two hosts are closed
1.1. The search command is provided by that package
# 查找 telnet 命令有那个软件包提供的
[root@node1 ~]# yum -y provides telnet # 或者 yum -y provides *bin/telnet
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: ftp.sjtu.edu.cn
* epel: ftp.riken.jp
* extras: ftp.sjtu.edu.cn
* updates: ftp.sjtu.edu.cn
1:telnet-0.17-65.el7_8.x86_64 : The client program for the Telnet remote login protocol
Repo : base
1:telnet-0.17-66.el7.x86_64 : The client program for the Telnet remote login protocol
Repo : updates
[root@node1 ~]#
# 查找 nc 命令有那个软件包提供的
[root@node1 ~]# yum -y provides nc
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: ftp.sjtu.edu.cn
* extras: ftp.sjtu.edu.cn
* updates: ftp.sjtu.edu.cn
2:nmap-ncat-6.40-19.el7.x86_64 : Nmap's Netcat replacement
Repo : base
Matched from:
Provides : nc
[root@node1 ~]#
1.2. Commands required to install the test port
[root@node1 ~]# yum -y install telnet nmap
1.3. Install the required test application
[root@node2 ~]# yum -y install nginx net-snmp tftp tftp-server
# mysql 的安装不在这里写了,如果需要请别我的安装mysql文档
1.4. Start the service
[root@node2 ~]# systemctl start snmpd
[root@node2 ~]#
[root@node2 ~]# systemctl status snmpd
● snmpd.service - Simple Network Management Protocol (SNMP) Daemon.
Loaded: loaded (/usr/lib/systemd/system/snmpd.service; disabled; vendor preset: disabled)
Active: active (running) since Sat 2023-08-19 13:54:47 CST; 5s ago
Main PID: 2208 (snmpd)
CGroup: /system.slice/snmpd.service
└─2208 /usr/sbin/snmpd -LS0-6d -f
Aug 19 13:54:47 node2 systemd[1]: Starting Simple Network Management Protocol (SNMP) Daemon....
Aug 19 13:54:47 node2 snmpd[2208]: NET-SNMP version 5.7.2
Aug 19 13:54:47 node2 systemd[1]: Started Simple Network Management Protocol (SNMP) Daemon..
[root@node2 ~]#
[root@node2 ~]# systemctl start nginx
[root@node2 ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2023-08-19 13:35:21 CST; 20min ago
Main PID: 1900 (nginx)
CGroup: /system.slice/nginx.service
├─1900 nginx: master process /usr/sbin/nginx
├─1901 nginx: worker process
├─1902 nginx: worker process
└─1903 nginx: worker process
......省略
[root@node2 ~]# systemctl start mysqld
[root@node2 ~]# systemctl status mysqld
● mysqld.service - MySQL Server
Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2023-08-19 13:44:51 CST; 11min ago
Docs: man:mysqld(8)
......省略N
[root@node2 ~]# systemctl start tftp
[root@node2 ~]#
[root@node2 ~]# systemctl status tftp
● tftp.service - Tftp Server
Loaded: loaded (/usr/lib/systemd/system/tftp.service; indirect; vendor preset: disabled)
Active: active (running) since Sat 2023-08-19 13:57:06 CST; 3s ago
Docs: man:in.tftpd
Main PID: 2221 (in.tftpd)
CGroup: /system.slice/tftp.service
└─2221 /usr/sbin/in.tftpd -s /var/lib/tftpboot
Aug 19 13:57:06 node2 systemd[1]: Started Tftp Server.
[root@node2 ~]#
1.5. View port
[root@node2 ~]# ss -antlp | grep 3306
LISTEN 0 70 [::]:33060 [::]:* users:(("mysqld",pid=2107,fd=22))
LISTEN 0 128 [::]:3306 [::]:* users:(("mysqld",pid=2107,fd=25))
[root@node2 ~]#
[root@node2 ~]# ss -antlp | grep 80
LISTEN 0 128 *:80 *:* users:(("nginx",pid=1903,fd=6),("nginx",pid=1902,fd=6),("nginx",pid=1901,fd=6),("nginx",pid=1900,fd=6))
LISTEN 0 128 [::]:80 [::]:* users:(("nginx",pid=1903,fd=7),("nginx",pid=1902,fd=7),("nginx",pid=1901,fd=7),("nginx",pid=1900,fd=7))
[root@node2 ~]#
[root@node2 ~]# ss -anulp | grep 161
UNCONN 0 0 *:161 *:* users:(("snmpd",pid=2208,fd=6))
[root@node2 ~]#
[root@node2 ~]# ss -anulp | grep 69
UNCONN 0 0 [::]:69 [::]:* users:(("in.tftpd",pid=2221,fd=0),("systemd",pid=1,fd=27))
[root@node2 ~]#
[root@node2 ~]# ss -antlu
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 *:161 *:*
udp UNCONN 0 0 [::]:69 [::]:*
tcp LISTEN 0 128 127.0.0.1:199 *:*
tcp LISTEN 0 128 *:80 *:*
tcp LISTEN 0 128 *:22 *:*
tcp LISTEN 0 70 [::]:33060 [::]:*
tcp LISTEN 0 128 [::]:3306 [::]:*
tcp LISTEN 0 128 [::]:80 [::]:*
tcp LISTEN 0 128 [::]:22 [::]:*
[root@node2 ~]#
1.6. Test TCP port
[root@node1 ~]# telnet 192.168.192.12 80
Trying 192.168.192.12...
Connected to 192.168.192.12. # 看到 Connected 表示192.168.192.12开通了80端口
Escape character is '^]'.
Connection closed by foreign host.
[root@node1 ~]#
# 如果以上的命令看得不是很理解可以使用nmap命令
# nmap命令 – 网络探测及端口扫描工具
[root@node1 ~]# nmap -p 80,3306,443 192.168.192.12 # 表示扫描80跟443端口
Starting Nmap 6.40 ( http://nmap.org ) at 2023-08-19 14:08 CST
Nmap scan report for 192.168.192.12
Host is up (0.00030s latency).
PORT STATE SERVICE
80/tcp open http # open 表示打开了80 端口
443/tcp closed https # closed 表示关闭
3306/tcp open mysql
MAC Address: 00:0C:29:6A:EF:87 (VMware)
Nmap done: 1 IP address (1 host up) scanned in 13.46 seconds
[root@node1 ~]#
[root@node1 ~]# nc -vz 192.168.192.12 80
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.192.12:80.
Ncat: 0 bytes sent, 0 bytes received in 0.00 seconds.
[root@node1 ~]#
# Ncat: 7.50版本(https://nmap.org/ncat)
# Ncat:连接192.168.192.12:80。
# Ncat:发送0字节,在0.00秒内接收0字节。
1.7. Test UDP port
[root@node1 ~]# nmap -sU -p 161,69 192.168.192.12
Starting Nmap 6.40 ( http://nmap.org ) at 2023-08-19 14:21 CST
Nmap scan report for 192.168.192.12
Host is up (0.00029s latency).
PORT STATE SERVICE
69/udp open|filtered tftp
161/udp open snmp
MAC Address: 00:0C:29:6A:EF:87 (VMware)
Nmap done: 1 IP address (1 host up) scanned in 14.47 seconds
[root@node1 ~]#
[root@node1 ~]# nc -vuz 192.168.192.12 161
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.192.12:161.
Ncat: UDP packet sent successfully # 看到successfully 表示成功
Ncat: 1 bytes sent, 0 bytes received in 2.01 seconds.
[root@node1 ~]#
The above tests are all successful, but now the simulated service is not enabled or blocked by a firewall
1.8. Close nginx service
[root@node2 ~]# systemctl stop nginx
# 到192.168.192.11 主机上测试
[root@node1 ~]# nc -vz 192.168.192.12 80
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connection refused. # 看到refused 表示拒绝连接
[root@node1 ~]#
[root@node1 ~]# nmap -p80,3306 192.168.192.12
Starting Nmap 6.40 ( http://nmap.org ) at 2023-08-19 14:32 CST
Nmap scan report for 192.168.192.12
Host is up (0.00033s latency).
PORT STATE SERVICE
80/tcp closed http # 表示失败
3306/tcp open mysql # 表示成功
MAC Address: 00:0C:29:6A:EF:87 (VMware)
Nmap done: 1 IP address (1 host up) scanned in 13.45 seconds
[root@node1 ~]#
1.9. Open the firewall to test port 161
[root@node2 ~]# systemctl start firewalld
[root@node2 ~]#
[root@node2 ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: active (running) since Sat 2023-08-19 14:36:34 CST; 1min 27s ago
Docs: man:firewalld(1)
......
# 在node1测试 161 端口
[root@node1 ~]# nc -vuz 192.168.192.12 161
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.192.12:161.
Ncat: No route to host. # 表示失败
[root@node1 ~]#
[root@node1 ~]# nmap -sU -p 161 192.168.192.12
Starting Nmap 6.40 ( http://nmap.org ) at 2023-08-19 14:39 CST
Nmap scan report for 192.168.192.12
Host is up (0.00028s latency).
PORT STATE SERVICE
161/udp filtered snmp
MAC Address: 00:0C:29:6A:EF:87 (VMware)
Nmap done: 1 IP address (1 host up) scanned in 13.45 seconds
[root@node1 ~]#
# 放行 161 端口
[root@node2 ~]# firewall-cmd --zone=public --add-port=161/udp --permanent
success
[root@node2 ~]# firewall-cmd --reload # 更新防火墙规则,不然不会生效
success
# 查看端口是否开放
[root@node2 ~]# firewall-cmd --zone=public --query-port=161/udp
yes
[root@node2 ~]#
# 再次测试 161 端口
[root@node1 ~]# nc -vuz 192.168.192.12 161
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.192.12:161.
Ncat: UDP packet sent successfully # 成功
Ncat: 1 bytes sent, 0 bytes received in 2.01 seconds.
[root@node1 ~]#
[root@node1 ~]# nmap -sU -p 161 192.168.192.12
Starting Nmap 6.40 ( http://nmap.org ) at 2023-08-19 14:51 CST
Nmap scan report for 192.168.192.12
Host is up (0.00048s latency).
PORT STATE SERVICE
161/udp open snmp
MAC Address: 00:0C:29:6A:EF:87 (VMware)
Nmap done: 1 IP address (1 host up) scanned in 13.46 seconds
[root@node1 ~]#
error message
Install net-snmp error message:
Error: Package: 1:net-snmp-agent-libs-5.7.2-49.el7_9.2.x86_64 (xxx)
Requires: libmysqlclient.so.18()(64bit)
Error: Package: 1:net-snmp-5.7.2-49.el7_9.2.x86_64 (xxx)
Requires: libmysqlclient.so.18()(64bit)
Error: Package: 1:net-snmp-agent-libs-5.7.2-49.el7_9.2.x86_64 (xxx)
Requires: libmysqlclient.so.18(libmysqlclient_18)(64bit)
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
Solve the error of installing net-snmp
[root@node2 ~]# yum -y install https://repo.mysql.com/yum/mysql-8.0-community/el/7/x86_64/mysql-community-libs-compat-8.0.25-1.el7.x86_64.rpm