1. There is a server port in the internal network that needs to be mapped to the external network (for example, the external network server applies for a domain name, and then makes a nignx configuration for the domain name, and then configures it. Need to access an intranet http service)
2. The intranet server does not have access rights to the external network. Only one server in the entire intranet has access to the external network, which can be used to penetrate the internal network of the curve-saving version
3. The virtual machine only has a NAT network, and the virtual machine is only equipped with the internal network localhost to forward to the host localhost. At this time, you want to access the virtual machine port from the external network or other internal networks (non-host)
4. Use the agent machine as a bastion machine (springboard machine) to prevent the internal system from being accessed at will. At this time, the bastion machine is configured with port forwarding and the internal system is accessed through the bastion machine.
nginx configuration file location reference
Linux: In /etc/nginx/conf.d/, modify the default.conf file
Windows: In the nginx installation directory\Nginx\conf, modify nginx.conf
Note that there is no stream module in the original nginx.conf (It is said that it is only available in versions after v1.8.x, but mine is not available in v1.5.11), you need to add it yourself. And its level is at the same level as the http module
# 编译nginx的时候要添加stream模块 ./configure –with-stream # 这个模块实现了网络层和传输层的的转发、代理、负载均衡等 # stream与http配置同级 stream { server { listen 3306; proxy_pass 192.168.8.168:3306; # 有了这个server配置,你就可以通过代理机ip+3306端口访问内网的mysql库了 } server { listen 8080; proxy_pass 192.168.8.168:8080; # 有了这个配置,你就可以直接访问代理机ip+8080端口,访问你的内网web服务了 } # 还可以设置指定的客户端IP访问(白名单设置) # 自己百度更多功能吧 } #直接复制可能有问题,几行代码就自己打吧
The above is the detailed content of How to implement port forwarding with nginx. For more information, please follow other related articles on the PHP Chinese website!