Table of contents
2.1. Configure virtual machine firewall
2.2. Modify the virtual machine network editor
1. Background
The host can access the external network. The virtual machine uses the command: curl http:// URL and can access the web service. The host uses the http:// URL and cannot access the virtual machine (centos7) web service.
2. Solution
2.1. Configure virtual machine firewall
1) Open the port
Instruction: firewall-cmd --add-port=80/tcp --permanent
Make the configuration command take effect: firewall-cmd --reload
Check whether the port is opened successfully: firewall-cmd --list--ports
2) Start the service
Instruction: firewall-cmd --add-service=http --permanent
Make the configuration command take effect: firewall-cmd --reload
Check whether the service is started successfully: firewall-cmd --list--service
3) Configure SEL
semanage fcontext -a -t httpd_sys_content_t upper-level directory path where .html files are stored
例子1:semanage fcontext -a -t httpd_sys_content_t /home/web_data/*
Example 1 means: Make all files under the /home/web_data/ path accessible to the httpd service program
Command to make the configuration take effect immediately: restorecon -Rv path (the path here should be consistent with the path of the semanage command)
Example 2: restorecon -Rv /home/web_data/
Possible problem: semanage command does not exist
Download semanage, command: yum -y install policycoreutils-python.x86_64
2.2. Modify the virtual machine network editor
1) Change the NAT mode to bridge mode and bridge to the network to which the physical machine is connected at this time
As shown in Figures 1 and 2 below:
figure 1
figure 2
important point:
1) The firewall of the virtual machine does not need to be turned off, just configure it.
result:
1) At this time, the web service of the virtual machine can be accessed on the physical machine.