I will try this aproach. Im trying with iptables because find out jsvc a little bit late and run the make an all this stuff... I just modify the iptables and that's all ( if it worked!)
I will try this and let you know what happened Thanks for the help guys. -----Original Message----- From: Parsons Technical Services [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 18, 2006 10:43 PM To: Tomcat Users List Subject: Re: IPTABLES Rodrigo, Since it appears that you have not gotten an answer, I will take a stab at this. I am running CentOS 4 on one of my boxes and I used this method. I think you are running into the same issue I did with iptables. Open the iptables file in /etc/sysconfig. DO NOT edit it here. Just look at it. You should see a line like: -A FORWARD -j RH-Firewall-1-INPUT If you do they are using a named list rather than direct FORWARD lines. You will need to modify the lines you are entering to reflect the second part of the line above. In my case it was "RH-Firewall-1-INPUT" but yours may differ. You will notice lines that start out: -A RH-Firewall-1-INPUT -p Instead of -A FORWARD. Try to do the rules like this substituting the name you found from above. iptables -I RH-Firewall-1-INPUT -p tcp --dport 8443 -j ACCEPT iptables -I RH-Firewall-1-INPUT -p tcp --dport 8080 -j ACCEPT And if the redirect statements are not in the file: iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080 iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443 If you look in the file you may see the statements you added originally. Rerun the original statements with a -D in place of the -A to remove them. Then do iptables save Hope this helps. Incase you are wondering the reason things failed before is that the last line of the named list is a reject all and your added lines were never reached. Doug ----- Original Message ----- From: "Asensio, Rodrigo" <[EMAIL PROTECTED]> To: "Tomcat Users List" <users@tomcat.apache.org> Sent: Wednesday, October 18, 2006 4:27 PM Subject: IPTABLES my config Fedora 5 Tomcat 5517 Java Sun 1508 Im running a tomcat in port 80 without httpd I want redirect packages from 80 to 8080 because tomcat is running as tomcat user (cant run as other non root under port 1025) and I tried the IPTABLES redirection aproach but doesnt work I tried this but no news... - A another way is to use Iptables to redirect Port 80 and 443 to user ports (>1024) * /sbin/iptables -A FORWARD -p tcp --destination-port 443 -j ACCEPT * /sbin/iptables -t nat -A PREROUTING -j REDIRECT -p tcp --destination-port 443 --to-ports 8443 * /sbin/iptables -A FORWARD -p tcp --destination-port 80 -j ACCEPT * /sbin/iptables -t nat -A PREROUTING -j REDIRECT -p tcp --destination-port 80 --to-ports 8080 /sbin/iptables-save or /etc/init.d/iptables save from http://wiki.apache.org/tomcat/HowTo somebody had the same problem ? thank you. Rodrigo ------------------------------------------------------------------- Rodrigo Asensio Fuel Management Services Gilbarco Veeder Root phone: +1 336 547 5023 email: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> This message (including any attachments) contains confidential and/or proprietary information intended only for the addressee. Any unauthorized disclosure, copying, distribution or reliance on the contents of this information is strictly prohibited and may constitute a violation of law. If you are not the intended recipient, please notify the sender immediately by responding to this e-mail, and delete the message from your system. If you have any questions about this e-mail please notify the sender immediately. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This message (including any attachments) contains confidential and/or proprietary information intended only for the addressee. Any unauthorized disclosure, copying, distribution or reliance on the contents of this information is strictly prohibited and may constitute a violation of law. If you are not the intended recipient, please notify the sender immediately by responding to this e-mail, and delete the message from your system. If you have any questions about this e-mail please notify the sender immediately. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
