Editing 網路服務連線測試 (section)

== 測試本地網路服務的連接性 ==
WAN &#9675; -------&gt; &#9675; LAN -------&gt; <span style="color:red">&#9679; 伺服器</span>

{{Tips}} 如果您有管理權限通過SSH或遠程桌面服務登錄伺服器。

=== 檢查您的電腦/伺服器是否被指派了IP位址 ===

* {{Linux}}：(1) 檢查IP位址。{{kbd | key = ifconfig}}。 (2) 重新分配IP位址並重新啟動網路服務。{{kbd | key = service network restart}} 用於CentOS<ref>[http://askubuntu.com/questions/230698/how-to-restart-the-networking-service 如何重新啟動網路服務？ - Ask Ubuntu]</ref>
* {{Win}}：檢查IP位址。{{kbd | key = ifconfig/all}} 
* 更多關於[[網路問題]]

=== 檢查網路服務是否已成功啟動？ ===
* Apache {{kbd | key = /etc/init.d/httpd status}} 在CentOS7上 <ref>[https://www.e2enetworks.com/help/knowledge-base/how-to-check-running-status-of-lamp-stack/ 如何檢查LAMP堆棧的運行狀態 | E2E Networks知識庫]</ref>
* nginx {{kbd | key = sudo service nginx status}} 在CentOS7上 
* Docker容器 {{kbd | key = docker ps}} 檢查容器是否在運行和暴露埠口<ref>[https://docs.docker.com/engine/reference/commandline/ps/ docker ps | Docker文件]</ref>

=== 檢查MySQL是否已成功啟動？ ===
==== 使用lsof指令 ==== 
{{kbd | key = lsof -i:3306}} 在{{Mac}}或{{Linux}} 在Unix類操作系統中用於列出打開的文件及打開它們的進程。

* lsof：這代表"列出打開的文件"。它是一個命令行工具，顯示有關由進程打開的文件的資訊。在Unix和Linux中，一切都被視為文件（包括硬體設備、套接字和目錄），因此lsof是系統管理員監控和排除系統行為問題的強大工具。

* -i：這個選項告訴lsof僅顯示網絡文件。在Unix和Linux中，網絡連接被視為文件。-i選項可用於根據互聯網地址或網絡協議過濾連接。

* :3306：這指定了埠號。埠3306通常被MySQL使用，這是一個流行的數據庫管理系統。通過包括:3306，您要求lsof列出所有與埠3306相關的網絡文件（包括套接字連接）。

輸出範例：localhost:mysql (LISTEN) 意味著MySQL已成功啟動

<pre>
COMMAND     PID      USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
mysqld    93034 account   29u  IPv4 0xxxx      0t0  TCP localhost:mysql (LISTEN)
</pre>

==== 使用ps指令 ====

{{kbd | key = <nowiki>ps aux | grep mysql</nowiki>}} 在{{Mac}}

如果MySQL已成功啟動的輸出範例：
<pre>
_mysql           11083   0.3  0.2 409657280  31424   ??  Ss    2:12下午   0:01.07 /usr/local/mysql/bin/mysqld --user=_mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data --plugin-dir=/usr/local/mysql/lib/plugin --log-error=/usr/local/mysql/data/mysqld.local.err --pid-file=/usr/local/mysql/data/mysqld.local.pid --keyring-file-data=/usr/local/mysql/keyring/keyring --early-plugin-load=keyring_file=keyring_file.so
ACCOUNT        12349   0.0  0.0 408645328   1648 s011  S+    2:14下午   0:00.00 grep mysql
</pre>

如果MySQL沒有成功啟動的示例輸出：

<pre>
ACCOUNT        12349   0.0  0.0 408645328   1648 s011  S+    2:14下午   0:00.00 grep mysql
</pre>

=== 檢查埠是否被其他進程佔用？ ===
檢查埠是否被其他協議使用

[https://www.speedguide.net/ports.php SG TCP/IP埠數據庫]
[https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers 維基百科 - TCP和UDP埠號列表]

Example output of netstat command, more on [[Find process running on port]]
<pre>
$ netstat -tulpn | grep LISTEN

tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      - 

// means the 80 port service is running
</pre>

=== Check if a port is blocked by browser ===
Check if a port is blocked by browser<ref>[https://blog.miniasp.com/post/2022/05/02/Dont-use-ERR_UNSAFE_PORT-for-your-website?fbclid=IwAR2y9D60H-j8-5T1zJixTU-L2ydbn7LgnWpG1v53fyaKCyuuqx2MqfU80fI 開發與部署網站時需注意不要使用到 ERR_UNSAFE_PORT 不安全的埠號 | The Will Will Web]</ref>
* {{Chrome}} [https://chromium.googlesource.com/chromium/src.git/+/refs/heads/master/net/base/port_util.cc#52 net/base/port_util.cc - chromium/src.git - Git at Google]
* [https://fetch.spec.whatwg.org/#port-blocking Fetch Standard] 2.9. Port blocking


=== Is the port opened for external users? ===
Check the OS firewall or protected by antivirus software

** {{Linux}}
*** [http://linux.die.net/man/8/iptables iptables]: (1) {{kbd | key = iptables -L}} to list all rules<ref>[http://wiki.centos.org/HowTos/Network/IPTables HowTos/Network/IPTables - CentOS Wiki]</ref> (2) rule with smaller line-number will override the rule with larger line-number<ref>[https://fedoraproject.org/wiki/How_to_edit_iptables_rules?rd=User_talk:Rforlot How to edit iptables rules - FedoraProject]</ref>
*** [https://fedoraproject.org/wiki/FirewallD FirewallD] rules: (1) {{kbd | key = <nowiki>sudo firewall-cmd --get-default-zone</nowiki>}} return 'public' (2) {{kbd | key = <nowiki>sudo firewall-cmd --list-all --zone=public</nowiki>}}<ref>[https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-7 How To Set Up a Firewall Using FirewallD on CentOS 7 | DigitalOcean]</ref> (3) Allow port with FirewallD
*** [http://linux.die.net/man/8/semanage SELinux Policy Management]:  (1) After installed {{kbd | key =policycoreutils-python}}<ref>[http://sharadchhetri.com/2014/10/07/semanage-command-found-centos-7-rhel-7/ semanage command not found on CentOS 7 and RHEL 7]</ref>, input {{kbd | key = <nowiki>semanage port -l</nowiki>}} to list open ports. (2) Allow port with semanage.
** {{Win}} [https://technet.microsoft.com/en-us/library/cc754274.aspx?f=255&MSPPError=-2147217396 Windows Firewall with Advanced Security] -> configure firewall rules
** protected by antivirus software?
* connect to localhost ex: {{kbd | key= telnet 127.0.0.1 23}} where 23 is the port number where the service running
** [https://technet.microsoft.com/en-us/library/cc771275(v=ws.10).aspx Install Telnet Client] on {{Win}}
** if the local service is web server, you can also try  {{kbd | key = <nowiki>lynx http://127.0.0.1</nowiki>}} for {{Linux}}
* double [[Testing#check_the_server.2Fservice_logs | check the server/service logs]]