GCP上有一个开放端口,但Netstat没有显示
我已经设置了两个防火墙规则,一个打开端口9092,另一个打开端口999。我遵循概述在这里。这是图片:
当我执行netstat -tuplen时,我得到以下内容:
,这些端口中的非端口都在那里。另外,当我使用telnet IP 999或telnet IP 9092时,我没有得到任何响应。请注意,对于端口9092,我使用目标标签:tag1,并将其添加到我的VM上的网络标签,但对于端口999 < /代码>将其设置为网络中的所有实例。此外,当我使用gcloud打开端口时,我会收到以下消息:
user1@instance:~$ gcloud compute firewall-rules create port8000 --allow tcp:8000 --source-tags=tags02 --source-ranges=0.0.0.0/0 --description="blah"
Creating firewall...failed.
ERROR: (gcloud.compute.firewall-rules.create) Could not fetch resource:
- Request had insufficient authentication scopes.
我在做什么错以及如何修复它?
I have set up two firewall rules, one opens port 9092 and the other opens port 999. I followed steps outlined here. Here is the picture:
When I execute netstat -tuplen, I get the following:
and non of those ports are there. Also, when I use telnet ip 999 or telnet ip 9092, I do not get any responses. Note that for port 9092, I used Target tags: tag1 and added it to Network tags on my VM but for port 999 it is set to All instances in the network. In addition, when I use gcloud to open a port I get the following message:
user1@instance:~$ gcloud compute firewall-rules create port8000 --allow tcp:8000 --source-tags=tags02 --source-ranges=0.0.0.0/0 --description="blah"
Creating firewall...failed.
ERROR: (gcloud.compute.firewall-rules.create) Could not fetch resource:
- Request had insufficient authentication scopes.
What am I doing wrong and how I can fix it?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
关于使用
gcloud命令遇到的错误,该命令看起来正确。 “身份验证范围不足”错误的原因是因为它看起来您正在尝试从GCE VM运行此gcloud命令,并且附加了一个示波器。默认范围应为
允许默认访问。在这里,您无法访问添加/修改防火墙规则所需的API。您必须关闭VM,更新范围(将其更改为允许对所有Cloud API>)进行完整访问,然后重新开始(如果您想从VM运行)。否则,只需使用云外壳即可。编辑:我没有意识到您没有在999或9092上听的任何操作,因此您当然不会得到任何响应。如果需要快速侦听器,请使用NetCat(
nc)在所需的端口上运行侦听器(例如nc -l 999)Regarding the error you got with the
gcloudcommand, the command looks right. The reason for the "insufficient authentication scopes" error is because it looks like you're trying to run thisgcloudcommand from a GCE VM and there's a scope attached to it.The default scope should be
Allow default access. Here, you won't have access to the API required to add/modify firewall rules. You have to shutdown the VM, update the scope (change it toAllow full access to all Cloud APIs) and start it up again (if you wish to run this from your VM). Otherwise, just use cloud shell.EDIT: I didn't realize you didn't have anything running that listens on 999 or 9092, so of course you're not going to get any sort of response. If you need a quick listener then use netcat (
nc) to run a listener on the port you want (e.g.nc -l 999)