Question about iptables, Re: Let's Encrypt with Tomcat?

2020-01-06 Thread James H. H. Lampert
Ladies and Gentlemen: As I said earlier today, I have # Generated by iptables-save v1.4.18 on Mon Jan 6 21:17:22 2020 *filter :INPUT ACCEPT [5018099:5766179544] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [400:2863742410] COMMIT # Completed on Mon Jan 6 21:17:22 2020 # Generated by iptables

Re: [OT] Using iptables to remap port 443 -> 8443 for localhost

2016-12-04 Thread Christopher Schultz
All, On 12/4/16 3:30 PM, Christopher Schultz wrote: > All, > > I'm aware of various techniques to allow Tomcat to serve from port > 80 without using root, but I've never actually tried using them > before. > > I

[OT] Using iptables to remap port 443 -> 8443 for localhost

2016-12-04 Thread Christopher Schultz
All, I'm aware of various techniques to allow Tomcat to serve from port 80 without using root, but I've never actually tried using them before. I'm trying to use iptables on a bare-metal Linux server running kernel 3.2 and I

Re: tomcat iptables problem - problem kinda solved

2007-10-05 Thread Dieter Schicker
Hi, just in case someone has the same problem. It's obviously a problem with the fwbuilder software. I now used firehol to build the rules and everything works fine. What about doing "/etc/init.d/iptables stop" when the firewall is running. Does Tomcat then start and st

Re: tomcat iptables problem

2007-10-03 Thread Christopher Schultz
l (!!!) starts slowly! (Why???) :( > Only when I restart the whole Debian machine and do not start the > firewall tomcat starts fast. What about doing "/etc/init.d/iptables stop" when the firewall is running. Does Tomcat then start and stop more quickly? I find it hard to believe that th

Re: tomcat iptables problem

2007-10-03 Thread Dieter Schicker
Sorry, of course the "accept bla bla" goes into a separate line! Dieter Schicker wrote: Thanks a lot for all your valuable answers! Unfortunately none of them helped me. Let me give you an example of this strange behavior (tomcat starting very slowly [>3min.]). ipt

Re: tomcat iptables problem

2007-10-03 Thread Dieter Schicker
Thanks a lot for all your valuable answers! Unfortunately none of them helped me. Let me give you an example of this strange behavior (tomcat starting very slowly [>3min.]). iptables Ruleset: - Chain INPUT (policy DROP) target prot

Re: tomcat iptables problem

2007-10-02 Thread Christopher Schultz
Dieter, Dieter Schicker wrote: > Now I set up an iptables firewall (with fwbuilder) with the following > open ports: > 8080 (http), 8005 (shutdown?), 8009 (ajp connector) and all lo traffic > is allowed. What about outgoing allowed po

Re: tomcat iptables problem

2007-10-02 Thread Pid
Dieter Schicker wrote: > Hi, > > this is my first mail to this list so please forgive me if it's the > wrong list. > Here's my problem: > > I'm running tomcat 5.5.23 on Debian Etch (4.0) with Linux kernel > 2.6.18-4-xen-amd6. > Now I set up an i

Re: tomcat iptables problem

2007-10-02 Thread albrecht andrzejewski
Quoting Dieter Schicker <[EMAIL PROTECTED]>: With this configuration I have the following behavior: Tomcat needs 3 minutes to shut down and another 3 minutes to start up again. If it runs it runs perfectly ... Any ideas? It can occur if you are working with a "localhost" url... If you do, j

tomcat iptables problem

2007-10-02 Thread Dieter Schicker
Hi, this is my first mail to this list so please forgive me if it's the wrong list. Here's my problem: I'm running tomcat 5.5.23 on Debian Etch (4.0) with Linux kernel 2.6.18-4-xen-amd6. Now I set up an iptables firewall (with fwbuilder) with the following open ports: 8080 (http),

RE: IPTABLES

2006-10-27 Thread Asensio, Rodrigo
Yes sir! This simple solution worked in the first try!!! Thanks man! iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080 iptables -A INPUT -p tcp --dport 8080 -j ACCEPT -Original Message- From: Gaël Lams [mailto:[EMAIL PROTECTED] Sent: Friday, October 20

Re: IPTABLES

2006-10-20 Thread Christopher Schultz
Paul, > PS if you know how to configure iptables to also > forward internal requests to localhost:8080 please > pass it on! Linux's iptables can certainly re-route localhost ports as well as incoming ports. You just need additional configuration. See the post from "Johanne

Re: IPTABLES

2006-10-20 Thread Paul Singleton
Parsons Technical Services wrote: So, if I read correctly you have no problems running your apps as root? ??? Sorry if I gave that impression; I run Tomcat standalone as a non-privileged user, doing port forwarding with iptables. I thus depend only on iptables, a Sun JRE and Tomcat, the

Re: IPTABLES

2006-10-20 Thread Johannes
I'm running IP tables with the addition that it's possible for the apps to talk on port 80. This is the script I'm using: #!/bin/sh IPTABLES=/sbin/iptables EXTERNAL_IP= # The IP-address of the external interface of the firewall EXTERNAL_INTERFACE=eth0

Re: IPTABLES

2006-10-19 Thread Gaël Lams
I'm running a tomcat in port 80 without httpd I want redirect packages from 80 to 8080 because tomcat is running as tomcat user (can't run as other non root under port 1025) and I tried the IPTABLES redirection approach but doesn't work I performed the same setup to have tomcat running on 8080 but

Re: IPTABLES

2006-10-19 Thread Parsons Technical Services
post is way off topic. Doug - Original Message - From: "Paul Singleton" <[EMAIL PROTECTED]> To: "Tomcat Users List" Sent: Thursday, October 19, 2006 7:21 PM Subject: Re: IPTABLES Christopher Schultz wrote: Apache httpd is configured out of the box to star

Re: IPTABLES

2006-10-19 Thread Paul Singleton
ductive when it tempts us to run services as root, or to use tricksy workarounds. Linux should make this switch-offable (without having to recompile the kernel). The only problem I've found with standalone Tomcat plus iptables port forwarding (apart from the need to understand iptables :

RE: IPTABLES

2006-10-19 Thread Asensio, Rodrigo
I will try this approach. I'm trying with iptables because find out jsvc a little bit late and run the make an all this stuff... I just modify the iptables and that's all ( if it worked!) I will try this and let you know what happened Thanks for the help guys. -Original Message-

Re: IPTABLES

2006-10-18 Thread Parsons Technical Services
Rodrigo, Since it appears that you have not gotten an answer, I will take a stab at this. I am running CentOS 4 on one of my boxes and I used this method. I think you are running into the same issue I did with iptables. Open the iptables file in /etc/sysconfig. DO NOT edit it here. Just look

RE: IPTABLES

2006-10-18 Thread Caldarale, Charles R
> From: Christopher Schultz [mailto:[EMAIL PROTECTED] > Subject: Re: IPTABLES > > So, I suppose the answer to this guy's question is, "why are > you trying to fiddle with iptables when you could use jsvc?" Different strokes for different folks. If you don't

Re: IPTABLES

2006-10-18 Thread Christopher Schultz
not indicate that it can do anything like that. Apparently, Tomcat supports a specialized interface for jsvc that allows for this kind of thing. So, I suppose the answer to this guy's question is, "why are you trying to fiddle with iptables when you could use jsvc?" Oh, and I

RE: IPTABLES

2006-10-18 Thread Caldarale, Charles R
> From: Christopher Schultz [mailto:[EMAIL PROTECTED] > Subject: Re: IPTABLES > > Without some really nasty code, Tomcat is unable to do the same > thing, so we're forced to do silly things like internal port > forwarding, etc. Didn't realize that jsvc was consi

Re: IPTABLES

2006-10-18 Thread Christopher Schultz
Chuck, > P.S. Apache is an organization of open-source developers; httpd is the > web server product of that organization. Forgive me... s/(Apache)/\1 httpd/g >> : Yet another reason to front Tomcat with Apache: access to >> port 80. I'll have to add that to my laundry list of why I like to use

RE: IPTABLES

2006-10-18 Thread Caldarale, Charles R
> From: Christopher Schultz [mailto:[EMAIL PROTECTED] > Subject: Re: IPTABLES > > : Yet another reason to front Tomcat with Apache: access to > port 80. I'll have to add that to my laundry list of why I like to use > Apache in front of Tomcat. ;) Why doesn't httpd

Re: IPTABLES

2006-10-18 Thread Christopher Schultz
Rodrigo, > I tried the IPTABLES redirection approach but doesn't work. Did you get an error message? Or, does the configuration appear to work (i.e. no errors) but then doesn't actually end up working? Try using the LOG rule to dump output into the kernel log, and observe that. Logging

IPTABLES

2006-10-18 Thread Asensio, Rodrigo
my config Fedora 5 Tomcat 5517 Java Sun 1508 I'm running a tomcat in port 80 without httpd I want redirect packages from 80 to 8080 because tomcat is running as tomcat user (can't run as other non root under port 1025) and I tried the IPTABLES redirection approach but doesn't work I tried this but

Re: Tomcat and iptables?

2005-12-16 Thread Sebastian Funk
Users List" Sent: Friday, December 16, 2005 11:52 AM Subject: Re: Tomcat and iptables? Hi, Thanks to all, now I entered the ports 8082, 8009, 8443 and 8005 (for shutdown) and now Tomcat works, but I can't shutdown. There comes as usual: Using CATALINA_BASE: /home/tomcat/tom

Re: Tomcat and iptables?

2005-12-16 Thread Sebastian Funk
Hi, thanks a lot. With these two rules it works fine. And again I've learned something. Thanks again. On Dec 16, 2005, at 7:46 PM, Oscar Mechanic wrote: Add in the following iptables -A INPUT -j LOG iptables -A OUTPUT -j LOG Then do dmesg -c 2&> /dev/null; Now do a shutdown then

Re: Tomcat and iptables?

2005-12-16 Thread Sebastian Funk
Users List" Sent: Friday, December 16, 2005 11:52 AM Subject: Re: Tomcat and iptables? Hi, Thanks to all, now I entered the ports 8082, 8009, 8443 and 8005 (for shutdown) and now Tomcat works, but I can't shutdown. There comes as usual: Using CATALINA_BASE: /home/tomcat/tom

Re: Tomcat and iptables?

2005-12-16 Thread Oscar Mechanic
Add in the following iptables -A INPUT -j LOG iptables -A OUTPUT -j LOG Then do dmesg -c 2&> /dev/null; Now do a shutdown then dmesg | grep 127.0.0.1 or just dmesg if you are running a cluster Whatever comes out is what you are blocking on the local machine I would suggest you do i

RE: Tomcat and iptables?

2005-12-16 Thread GB Developer
on linux, it's $CATALINA_HOME/logs/catalina.out > -Original Message- > From: Martin Gainty [mailto:[EMAIL PROTECTED] > Sent: Friday, December 16, 2005 11:18 AM > To: Tomcat Users List > Subject: Re: Tomcat and iptables? > > > Sebastian-

Re: Tomcat and iptables?

2005-12-16 Thread Sebastian Funk
ED]> To: "Tomcat Users List" Sent: Friday, December 16, 2005 11:52 AM Subject: Re: Tomcat and iptables? Hi, Thanks to all, now I entered the ports 8082, 8009, 8443 and 8005 (for shutdown) and now Tomcat works, but I can't shutdown. There comes as usual: Using CATALINA_B

Re: Tomcat and iptables?

2005-12-16 Thread Martin Gainty
Sebastian- send us the logs specifically stdout_MMDD.log Martin- - Original Message - From: "Sebastian Funk" <[EMAIL PROTECTED]> To: "Tomcat Users List" Sent: Friday, December 16, 2005 11:52 AM Subject: Re: Tomcat and iptables? Hi, Thanks to all, no

Re: Tomcat and iptables?

2005-12-16 Thread Sebastian Funk
Hi, Thanks to all, now I entered the ports 8082, 8009, 8443 and 8005 (for shutdown) and now Tomcat works, but I can't shutdown. There comes as usual: Using CATALINA_BASE: /home/tomcat/tomcat Using CATALINA_HOME: /home/tomcat/tomcat Using CATALINA_TMPDIR: /home/tom

Re: Tomcat and iptables?

2005-12-16 Thread David Smith
Look at the connectors you have enabled in server.xml. All those should be included. The shutdown port does not need to be included since it binds to localhost. -- David Sebastian Funk wrote: Hi, I've run a Tomcat-server and it worked fine. Now I've installed "iptables

RE: Tomcat and iptables?

2005-12-16 Thread Saha Rabindra N
Users List Subject: Tomcat and iptables? Hi, I've run a Tomcat-server and it worked fine. Now I've installed "iptables" and I'm getting some trouble. Which port do I have to open for tomcat? Only the 8080 doesn't seem to be enough.

RE: Tomcat and iptables?

2005-12-16 Thread Caldarale, Charles R
> From: Sebastian Funk [mailto:[EMAIL PROTECTED] > Subject: Tomcat and iptables? > > I've run a Tomcat-server and it worked fine. Now I've installed > "iptables" and I'm getting some trouble. Which port do I have to open > for tomcat? Only th

Tomcat and iptables?

2005-12-16 Thread Sebastian Funk
Hi, I've run a Tomcat-server and it worked fine. Now I've installed "iptables" and I'm getting some trouble. Which port do I have to open for tomcat? Only the 8080 doesn't seem to be enough. What else?