Ubuntu 22.04.3 Thanks. Output is indeed "0". So it listens to both protocol versions. Will stick with this of course :)
-- Christoph > Am 08.01.2024 um 11:15 schrieb EML <sa212+apa...@cyconix.com>: > > Run this command (I'm assuming you're on Linux): > > $ cat /proc/sys/net/ipv6/bindv6only > > The default output is 0 on Linux (the Windows equivalent is apparently 1). 0 > means that an IPv6 socket will connect to *both* IPv6 and IPv4 (look up > IPV6_V6ONLY). > > You can force Java to listen to IPv4 only, with something like > 'Environment="JAVA_OPTS_APPEND=-Djava.net.preferIPv4Stack=true', but you > probably don't want to do this. > > On 08/01/2024 09:40, Christoph Kukulies wrote: >> Hi, >> >> I'm trying to connect to a tomcat9 server for which I made an entry in >> server.xml: >> >> <Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol" >> maxThreads="150" SSLEnabled="true" > >> <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" /> >> <SSLHostConfig> >> <Certificate certificateKeyFile="conf/localhost-rsa-key.pem" >> certificateFile="conf/localhost-rsa-cert.pem" >> certificateChainFile="conf/localhost-rsa-chain.pem" >> type="RSA" /> >> </SSLHostConfig> >> </Connector> >> >> and the following entries are also present, FWIW: >> >> <Connector port="8082" maxHttpHeaderSize="8192" protocol="HTTP/1.1" >> proxyName="cms.mysite.de <http://cms.mysite.de/> <http://cms.mysite.de >> <http://cms.mysite.de/>>" maxThreads="150" enableLookups="false" >> redirectPort="8443" acceptCount="100" connectionTimeout="20000" >> disableUploadTimeout="true" /> >> <Connector port="8081" maxHttpHeaderSize="8192" protocol="HTTP/1.1" >> proxyName="othername.de <http://othername.de/> <http://othername.de >> <http://othername.de/>>" maxThreads="150" enableLookups="false" >> redirectPort="8443" acceptCount="100" connectionTimeout="20000" >> disableUploadTimeout="true" /> >> <Connector port="8080" maxHttpHeaderSize="8192" protocol="HTTP/1.1" >> proxyName="other.de <http://other.de/> <http://other.de >> <http://other.de/>>" maxThreads="150" enableLookups="false" >> redirectPort="8443" acceptCount="100" connectionTimeout="20000" >> disableUploadTimeout="true" /> >> <Connector port="8086" maxHttpHeaderSize="8192" protocol="HTTP/1.1" >> proxyName="alternate.de <http://alternate.de/> <http://alternate.de >> <http://alternate.de/>>" maxThreads="150" enableLookups="false" >> redirectPort="8443" acceptCount="100" connectionTimeout="20000" >> disableUploadTimeout="true" /> >> >> >> Connection to the server through port 8443 seems to work (filtered by ufw) >> but I'm wondering why I don't see any tcp/v4 connection. >> >> root@mail:/var/lib/tomcat9/logs# ufw status numbered >> Status: active >> >> To Action From >> -- ------ ---- >> [ 1] 25 ALLOW IN Anywhere >> [ 2] 443 ALLOW IN Anywhere >> [ 3] 993 ALLOW IN Anywhere >> [ 4] 587 ALLOW IN Anywhere >> [ 5] 80 ALLOW IN Anywhere >> [ 6] 22 ALLOW IN 33.180.24.29 >> [ 7] 8080/tcp ALLOW IN 33.180.24.29 >> [ 8] 8443/tcp ALLOW IN 33.180.24.29 >> [ 9] 25 (v6) ALLOW IN Anywhere (v6) >> [10] 443 (v6) ALLOW IN Anywhere (v6) >> [11] 993 (v6) ALLOW IN Anywhere (v6) >> [12] 587 (v6) ALLOW IN Anywhere (v6) >> [13] 80 (v6) ALLOW IN Anywhere (v6) >> >> root@mail:/var/lib/tomcat9/logs# netstat -an | grep 8443 >> tcp6 0 0 :::*8443* :::* LISTEN >> 08-Jan-2024 10:25:55.513 INFO [main] >> org.apache.catalina.core.StandardEngine.startInternal Starting Servlet >> engine: [Apache Tomcat/9.0.58 (Ubuntu)] >> 08-Jan-2024 10:25:55.532 INFO [main] >> org.apache.catalina.startup.HostConfig.deployWAR Deploying web application >> archive [/var/lib/tomcat9/webapps/ROOT.war] >> 08-Jan-2024 10:26:07.487 INFO [main] >> org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned >> for TLDs yet contained no TLDs. Enable debug logging for this logger for a >> complete list of JARs that were scanned but no TLDs were found in them. >> Skipping unneeded JARs during scanning can improve startup time and JSP >> compilation time. >> 08-Jan-2024 10:26:23.038 INFO [main] >> org.apache.catalina.startup.HostConfig.deployWAR Deployment of web >> application archive [/var/lib/tomcat9/webapps/ROOT.war] has finished in >> [27,506] ms >> 08-Jan-2024 10:26:23.043 INFO [main] >> org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler >> ["http-nio-8082"] >> 08-Jan-2024 10:26:23.079 INFO [main] >> org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler >> ["http-nio-8081"] >> 08-Jan-2024 10:26:23.094 INFO [main] >> org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler >> ["http-nio-8080"] >> 08-Jan-2024 10:26:23.098 INFO [main] >> org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler >> ["http-nio-8086"] >> 08-Jan-2024 10:26:23.108 INFO [main] >> org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler >> ["https-openssl-apr-8443"] >> 08-Jan-2024 10:26:23.133 INFO [main] >> org.apache.catalina.startup.Catalina.start Server startup in [27735] >> milliseconds >> >> root@mail:/var/lib/tomcat9/logs# lsof -i :8443 >> COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME >> java 177550 tomcat 43u IPv6 1853946 0t0 TCP *:8443 (LISTEN) >> root@mail:/var/lib/tomcat9/logs# >> >> -- >> Christoph
smime.p7s
Description: S/MIME cryptographic signature
