I’m running a tomcat server on port 8080 on my box. I want it to be accessable on port 80 without running it as root.
I’m using OpenSuse 11.1.
Is it possible to use the Susefirewall2 to set up that port mapping. I tried defining “Custom Rules” and “Masquerading” but without any success. It is still only accessable on port 8080.
Any help is greatly appreciated.
-----BEGIN PGP SIGNED MESSAGE-----
Yes, you can do it, though you must modify the file manually I believe.
Look for documents that talk about FW_REDIRECT and modify the line with
that variable on it within /etc/sysconfig/SuSEfirewall2 as follows
(assuming your machine’s IP is 192.168.2.2
> Hi all,
> I’m running a tomcat server on port 8080 on my box. I want it to be
> accessable on port 80 without running it as root.
> I’m using OpenSuse 11.1.
> Is it possible to use the Susefirewall2 to set up that port mapping. I
> tried defining “Custom Rules” and “Masquerading” but without any
> success. It is still only accessable on port 8080.
> Any help is greatly appreciated.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
It should work in Custom Rules. I have a ktorrent interface that is listening in 8001 port and i`m connecting from outside directly on port 80… so same situation works here great. Maybe you did something wrong…
Maybe, but why so complicated?
The (example) solution posted by email@example.com is the simple and “known to work” way to do it.
I want to run Jboss on a opensuse-box and use the “standard” jboss redirect port 80 to 8080 solution:
iptables -t nat -A PREROUTING -p tcp –dport 80 -j REDIRECT –to-port 8080
But I also want to use Yast firewall to protect the system (only port 22 and 80 shall be open). I think that running the firewall together with the redirect-script conflict somehow?
The Jboss only answers when I stop the firewall, reboot linux and start Jboss with the redirect-script included.
Does anyone have the same experience and maybe a solution?
The redirect is in fact done using the iptables rules, so the “conflict” is that your manually inserted rule is being cleared by the standard SuSEfirewall2 setup. You should be able to get it to work by working within SuSEfirewall2 in the way that ab showed.
Thanks for quick answer
So can I conclude this workflow:
- Remove the jboss redirect-script.
- Use Yast -> Firewall and turn it on and open port 22 and 80 as wanted.
- Edit /etc/sysconfig/SuSEfirewall2 with ab’s solution.
Then reboot linux and test solutions.
No, a reboot isn’t required, just do rcSuSEfirewall2 restart
Many people reboot Linux for no good reason.
It works ! Thank you very much!
But be carefull about local- and destination-post! The syntax in commemts in SuSEfirewall2 script is correct. My statement is:
and it works