| 解决Armbian安装UFW防火墙后无法访问1Panel面板的问题:有效解决方案揭秘 | 您所在的位置:网站首页 › armbian宝塔面板 › 解决Armbian安装UFW防火墙后无法访问1Panel面板的问题:有效解决方案揭秘 |
解决Armbian安装UFW防火墙后无法访问1Panel面板的问题:有效解决方案揭秘
|
文章目录
前言armbian安装防火墙原因分析解决方案第一步:查看1panel的面板入口端口第二步:打开指定端口的访问权限第三步:重启防火墙第四步骤:查看防火墙状态【可略】
前言
官方的教程很不错,但是还是有一些缺陷,作者从实践的方式出发,给大家带来有用的知识!
armbian安装防火墙
armbian官方的部署文档
更新软件包 sudo apt update安装 ufw sudo apt install ufw 操作结果: root@armbian:~# sudo apt install ufw Reading package lists... Done Building dependency tree... Done Reading state information... Done The following NEW packages will be installed: ufw 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 167 kB of archives. After this operation, 857 kB of additional disk space will be used. Get:1 https://mirrors.tuna.tsinghua.edu.cn/debian bullseye/main arm64 ufw all 0.36-7.1 [167 kB] Fetched 167 kB in 0s (335 kB/s) Preconfiguring packages ... Selecting previously unselected package ufw. (Reading database ... 35412 files and directories currently installed.) Preparing to unpack .../archives/ufw_0.36-7.1_all.deb ... Unpacking ufw (0.36-7.1) ... Setting up ufw (0.36-7.1) ... Creating config file /etc/ufw/before.rules with new version Creating config file /etc/ufw/before6.rules with new version Creating config file /etc/ufw/after.rules with new version Creating config file /etc/ufw/after6.rules with new version Created symlink /etc/systemd/system/multi-user.target.wants/ufw.service → /lib/systemd/system/ufw.service. Processing triggers for rsyslog (8.2102.0-2+deb11u1) ... Processing triggers for man-db (2.9.4-2) ...启动 ufw # 默认情况下,它将允许常见的服务端口(如 SSH、HTTP、HTTPS)通过,而其他所有端口将被拒绝 sudo ufw enable root@armbian:~# sudo ufw enable WARN: uid is 0 but '/etc/default' is owned by 1001 WARN: uid is 0 but '/etc' is owned by 1001 WARN: uid is 0 but '/usr/sbin' is owned by 1001 WARN: uid is 0 but '/usr' is owned by 1001 Command may disrupt existing ssh connections. Proceed with operation (y|n)? y Firewall is active and enabled on system startup 虽然,出现了警告信息,但是没关系,之后解决它检测防火墙状态 root@armbian:~# sudo ufw status WARN: uid is 0 but '/etc/default' is owned by 1001 WARN: uid is 0 but '/etc' is owned by 1001 WARN: uid is 0 but '/usr/sbin' is owned by 1001 WARN: uid is 0 but '/usr' is owned by 1001 Status: active 进行到这里,如果你按照1panel官方教程的话,你会发现1panel的面板与服务器的连接,已经由于防火墙的存在断开,你又如何按照官方的教程点击面板上的开关按钮呢! 检查防火墙状态(补充:可跳过) sudo iptables -L 原因分析由于1panel默认安装时,访问的端口是任意生成的,所以无法通过默认开启的http80端口和https433端口进行访问,所以我们需要查看1panel的端口,然后开放端口的相应的端口。 解决方案 第一步:查看1panel的面板入口端口 1pctl user-info 例如:(这里作者之前进行的端口的修改)参看 Armbian安装1panel教程 root@armbian:~# 1pctl user-info username: root password: xxxx port: 1234 ssl: disable entrance: xxxx 第二步:打开指定端口的访问权限 端口号就是第一步查看的port值sudo ufw allow 例如 root@armbian:~# sudo ufw allow 1234 WARN: uid is 0 but '/etc/default' is owned by 1001 WARN: uid is 0 but '/etc' is owned by 1001 WARN: uid is 0 but '/usr/sbin' is owned by 1001 WARN: uid is 0 but '/usr' is owned by 1001 Rule added Rule added (v6) 第三步:重启防火墙 激活防火墙,并根据您之前添加的规则来配置防火墙sudo ufw enable 例如: root@armbian:~# sudo ufw enable WARN: uid is 0 but '/etc/default' is owned by 1001 WARN: uid is 0 but '/etc' is owned by 1001 WARN: uid is 0 but '/usr/sbin' is owned by 1001 WARN: uid is 0 but '/usr' is owned by 1001 Command may disrupt existing ssh connections. Proceed with operation (y|n)? y Firewall is active and enabled on system startup 第四步骤:查看防火墙状态【可略】 确保防火墙已启用并且包含允许访问1Panel面板的端口规则sudo ufw status 例如: root@armbian:~# sudo ufw status WARN: uid is 0 but '/etc/default' is owned by 1001 WARN: uid is 0 but '/etc' is owned by 1001 WARN: uid is 0 but '/usr/sbin' is owned by 1001 WARN: uid is 0 but '/usr' is owned by 1001 Status: active To Action From -- ------ ---- 1234 ALLOW Anywhere 1234 (v6) ALLOW Anywhere (v6) 至此,你已经解决了问题,请访问第一步查出的1panel的面板入口重新登录,查看防火墙
|
【本文地址】
公司简介
联系我们