durable port redirect with susefirewall2

user · September 7, 2008, 11:54pm

Hello all,

I would like to redirect all request (local and remote) for port 80 to port 8080, which belongs to the running tomcat 6.

I can accomplish this with the following two iptable rules:

>iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 8080

>iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports 8080

What I could not yet find is a way, to let this two rules be created by the susefirewall2. Has anybody an idea to achieve this?
Or is there a proper place to add these two lines somewhere in the rc configs, that these two rules are always added during system startup and after every susefirewall2 reconfiguration?

Thank you in advance,
Rick

df6269 · September 8, 2008, 3:14pm

Please refer to following address to add your rules in after.local file.
Bryan’s technical world: There is a way to do something startup at boot-up on openSUSE

ken_yap · September 8, 2008, 4:34pm

How about the custom rules file hook in /etc/sysconfig/SuSEfirewall2?

## Type:        string
#
# 25.)
# Do you want to load customary rules from a file?
#
# This is really an expert option. NO HELP WILL BE GIVEN FOR THIS!
# READ THE EXAMPLE CUSTOMARY FILE AT /etc/sysconfig/scripts/SuSEfirewall2-custom
#
#FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom"
FW_CUSTOMRULES=""

user · September 9, 2008, 6:27pm

I could eventually solve the issue by myself.

Setting

FW_REDIRECT=“0/0,0/0,tcp,80,8080”

in the /etc/sysconfig/SuSEfirewall2

does the trick, at least for forwarding the remote requests.

Regards, Rick