Results 1 to 8 of 8

Thread: port redirection, multiple IP addresses (or run on port 80)

  1. #1

    Thumbs up port redirection, multiple IP addresses (or run on port 80)

    Hi all. I have a problem (I am newbee in SuSE firewall0.

    I do have a openSuse 11.4 and multiple IP addresses on eth0 interface

    eth0, 10.5.6.11,10.5.6.12/10.5.6.13/10.5.6.14........

    I run (trying to/have to) multiple TOMCAT servers.

    I am trying to have each tomcat instance listen to on separate IP address
    for example:
    tomcat 1 - 10.5.6.11 - HTTP=8080 HTTPS=8443
    tomcat 2 - 10.5.6.12 - HTTP=8080 HTTPS=8443

    What i am trying to do is to redirect
    a) tomcat 1 -
    10.5.6.11:80 to 10.5.6.11:8080
    10.5.6.11:443 to 10.5.6.11:8443

    a) tomcat 2 -
    10.5.6.12:80 to 10.5.6.12:8080
    10.5.6.12:443 to 10.5.6.12:8443

    and so on.

    I know that it has to be possible.

    I do have just eth0/

    Is is it possible.
    Do I have to create "vittual interfaces"? eth0:1, .......... and do redirection ?

    "Server" has got just single interface - just 1 ethernet calbe goes to that server. I am planning to have 10-15 tomcat's on that server (I have to unfortunatley) and each has to run on port 80

    Is it possible to "grant" permissions to normal users to run app on port 80 - that would solve me lots of problems if impossible to redirect.


    I tried to setcap 'cap_net_bind_service=+ep' /path/to/tomcat ...... but no luck

    Regards
    kick_my_eye

  2. #2
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,683
    Blog Entries
    4

    Default Re: port redirection, multiple IP addresses (or run on port 80)

    No additional interfaces required. It has been possible to bind multiple addresses to one interface for a while now

    Normal user cannot open port under 1024.

    Make sure each tomcat listens on only one address. Then it's just a matter of a redirect rule for each tomcat.

  3. #3

    Default Re: port redirection, multiple IP addresses (or run on port 80)

    OK. No problem....
    I can set <connector) to listen on specific IP.
    I have doen hat already.
    I have tomcat 1,2,3,4..... that listen on specific IP addresses and on port 8080(http) and 8443(https).
    The problem i have is to resirect http(80) to 8080 and https(443) to 8443

    I am not allowed use ports other than 80/448. It has to be http/https. How can I redirect ports?
    Regards.

  4. #4
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,683
    Blog Entries
    4

    Default Re: port redirection, multiple IP addresses (or run on port 80)

    With iptables rules using the REDIRECT target. You need one rule per port and host, so 2 x number of tomcats.

  5. #5

    Default Re: port redirection, multiple IP addresses (or run on port 80)

    Hi there,

    You are on the right path with setting the <connector> in your Tomcat server.xml and defining the proxy settings in your httpd.conf. (This is a job for mod_jk and not for iptables, though I would just turn off your firewall while you get the proxy set up to rule out any trouble, and then turn it back on once you have the proxy redirection working.)

    You will also need to make sure Apache has loaded an appropriate proxy module - most likely mod_jk. This is a separate package from Tomcat, so please make sure you have apache2-mod_jk installed as well, and the module with then show up when you do apachectl -M

    Don't forget to restart Tomcat / Apache when you make any changes to their config files.

    LewsTherin

  6. #6
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,683
    Blog Entries
    4

    Default Re: port redirection, multiple IP addresses (or run on port 80)

    As usual there are many ways to do this. iptables is one way and avoids running an Apache, unless you need one anyway for the main site. Another way, as mentioned, is using mod_jk, which has the advantage that you can set u load balancing if required. You can also use the ProxyPass and ProxyReversePass directives in Apache to proxy to the tomcat.

  7. #7

    Default Re: port redirection, multiple IP addresses (or run on port 80)

    Ken_yap (as usual) is totally right - you can certainly use iptables too, and as he says Apache is not even required then. There are some benefits to either way really - you can try both and see what works best for you.

  8. #8

    Default Re: port redirection, multiple IP addresses (or run on port 80)

    Hi.
    The problem was ...... SuseFirewall2 (some strange tool).
    I used RDIRECT on specific IP and all works. I have 17 I_P addresses and all work on port 80.
    In TOMCAT's <connector> section i use address="xxx.xxx.xxx.xx" so each TOMCAT listen on different interface.

    Job done.

    Thanks.

    Next thing is to investigate APACHE->TOMCAT connection.

    Rrgards.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •