Ladies and Gentlemen:
As I said earlier today, I have
# Generated by iptables-save v1.4.18 on Mon Jan 6 21:17:22 2020
*filter
:INPUT ACCEPT [5018099:5766179544]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [400:2863742410]
COMMIT
# Completed on Mon Jan 6 21:17:22 2020
# Generated by iptables
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
All,
On 12/4/16 3:30 PM, Christopher Schultz wrote:
> All,
>
> I'm aware of various techniques to allow Tomcat to serve from port
> 80 without using root, but I've never actually tried using them
> before.
>
> I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
All,
I'm aware of various techniques to allow Tomcat to serve from port 80
without using root, but I've never actually tried using them before.
I'm trying to use iptables on a bare-metal Linux server running kernel
3.2 and I
Hi,
just in case someone has the same problem. It's obviously a problem with
the fwbuilder software. I know used firehol to build the rules and
everything works fine.
What about doing "/etc/init.d/iptables stop" when the firewall is
running. Does Tomcat then start and st
l (!!!) starts slowly! (Why???)
:(
> Only when I restart the whole Debian machine and do not start the
> firewall tomcat starts fast.
What about doing "/etc/init.d/iptables stop" when the firewall is
running. Does Tomcat then start and stop more quickly?
I find it hard to believe that th
Sorry, of course the "accept bla bla" goes into a separate line!
Dieter Schicker wrote:
Thanks a lot for all your valuable answers! Unfortunately none of them
helped me.
Let me give you an example of this strange behavior (tomcat starting
very slowly [>3min.]).
ipt
Thanks a lot for all your valuable answers! Unfortunately none of them
helped me.
Let me give you an example of this strange behavior (tomcat starting
very slowly [>3min.]).
iptables Ruleset:
-
Chain INPUT (policy DROP)
target prot
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dieter,
Dieter Schicker wrote:
> Now I set up an iptables firewall (with fwbuilder) with the following
> open ports:
> 8080 (http), 8005 (shutdown?), 8009 (ajp connector) and all lo traffic
> is allowed.
What about outgoing allowed po
Dieter Schicker wrote:
> Hi,
>
> this is my first mail to this list so please forgive me if it's the
> wrong list.
> Here's my problem:
>
> I'm running tomcat 5.5.23 on Debian Etch (4.0) with Linux kernel
> 2.6.18-4-xen-amd6.
> Now I set up an i
Quoting Dieter Schicker <[EMAIL PROTECTED]>:
With this configuration I have the following behavior: Tomcat needs 3
minutes to shut down and another 3 minutes to start up again. If it runs
it runs perfectly ...
Any ideas?
It can occurs if you are working with a localhost" url... If you do,
j
Hi,
this is my first mail to this list so please forgive me if it's the
wrong list.
Here's my problem:
I'm running tomcat 5.5.23 on Debian Etch (4.0) with Linux kernel
2.6.18-4-xen-amd6.
Now I set up an iptables firewall (with fwbuilder) with the following
open ports:
8080 (http),
Yes sir! This simple solution worked in the first try!!!
Thanks man!
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
iptables -A INPUT -p tcp --dport 8080 -j ACCEPT
-Original Message-
From: Gaël Lams [mailto:[EMAIL PROTECTED]
Sent: Friday, October 20
Paul,
> PS if you know how to configure iptables to also
> forward internal requests to localhost:8080 please
> pass it on!
Linux's iptables can certainly re-route localhost ports as well as
incoming ports. You just need additional configuration.
See the post from "Johanne
Parsons Technical Services wrote:
So, if I read correctly you have no problems running you apps as root?
??? Sorry if I gave that impression; I run Tomcat
standalone as a non-privileged user, doing port
forwarding with iptables.
I thus depend only on iptables, a Sun JRE and Tomcat,
the
I'm running IP tables with the addition that it's possible for the apps to talk
on port 80.
This is the script I'm using:
#!/bin/sh
IPTABLES=/sbin/iptables
EXTERNAL_IP= # The IP-address of the external
interface of the firewall
EXTERNAL_INTERFACE=eth0
Im running a tomcat in port 80 without httpd
I want redirect packages from 80 to 8080 because tomcat is running as
tomcat user (cant run as other non root under port 1025) and I tried the
IPTABLES redirection aproach but doesnt work
I performed the same setup to have tomcat running on 8080 but
post is way off topic.
Doug
- Original Message -
From: "Paul Singleton" <[EMAIL PROTECTED]>
To: "Tomcat Users List"
Sent: Thursday, October 19, 2006 7:21 PM
Subject: Re: IPTABLES
Christopher Schultz wrote:
Apache httpd is configured out of the box to star
ductive when it tempts us to run services
as root, or to use tricksy workarounds.
Linux should make this switch-offable (without
having to recompile the kernel).
The only problem I've found with standalone Tomcat
plus iptables port forwarding (apart from the need
to understand iptables :
I will try this aproach.
Im trying with iptables because find out jsvc a little bit late and run
the make an all this stuff... I just modify the iptables and that's all
( if it worked!)
I will try this and let you know what happened
Thanks for the help guys.
-Original Message-
Rodrigo,
Since it appears that you have not gotten an answer, I will take a stab at
this.
I am running CentOS 4 on one of my boxes and I used this method. I think you
are running into the same issue I did with iptables. Open the iptables file
in /etc/sysconfig. DO NOT edit it here. Just look
> From: Christopher Schultz [mailto:[EMAIL PROTECTED]
> Subject: Re: IPTABLES
>
> So, I suppose the answer to this guy's question is, "why are
> you trying to fiddle with iptables when you could use jsvc?"
Different strokes for different folks. If you don't
not indicate that it can do
anything like that. Apparently, Tomcat supports a specialized interface
for jsvc that allows for this kind of thing.
So, I suppose the answer to this guy's question is, "why are you trying
to fiddle with iptables when you could use jsvc?"
Oh, and I
> From: Christopher Schultz [mailto:[EMAIL PROTECTED]
> Subject: Re: IPTABLES
>
> Without some really nasty code, Tomcat is unable to do the same
> thing, so we're forced to do silly things like internal port
> forwarding, etc.
Didn't realize that jsvc was consi
Chuck,
> P.S. Apache is an organization of open-source developers; httpd is the
> web server product of that organization.
Forgive me... s/(Apache)/\1 httpd/g
>> : Yet another reason to front Tomcat with Apache: access to
>> port 80. I'll have to add that to my laundry list of why I like to use
> From: Christopher Schultz [mailto:[EMAIL PROTECTED]
> Subject: Re: IPTABLES
>
> : Yet another reason to front Tomcat with Apache: access to
> port 80. I'll have to add that to my laundry list of why I like to use
> Apache in front of Tomcat. ;)
Why doesn't httpd
Rodrigo,
> I tried the IPTABLES redirection aproach but doesnt work.
Did you get an error message? Or, does the configuration appear to work
(i.e. no errors) but then doesn't actually end up working?
Try using the LOG rule to dump output into the kernel log, and observe
that. Logging
my config
Fedora 5
Tomcat 5517
Java Sun 1508
Im running a tomcat in port 80 without httpd
I want redirect packages from 80 to 8080 because tomcat is running as
tomcat user (cant run as other non root under port 1025) and I tried the
IPTABLES redirection aproach but doesnt work
I tried this but
Users List"
Sent: Friday, December 16, 2005 11:52 AM
Subject: Re: Tomcat and iptables?
Hi,
Thanks to all, now I entered the ports 8082, 8009, 8443 and 8005
(for shutdown) and now Tomcat works, but I can't shutdown. There
comes as usual:
Using CATALINA_BASE: /home/tomcat/tom
Hi,
thanks a lot. With this two rules it works fine. And again I've
learned someting.
Thanks again.
On Dec 16, 2005, at 7:46 PM, Oscar Mechanic wrote:
Add in the follow
iptables -A INPUT -j LOG
iptables -A OUTPUT -j LOG
Then do
dmesg -c 2&> /dev/null;
Now do a shutdown then
Users List"
Sent: Friday, December 16, 2005 11:52 AM
Subject: Re: Tomcat and iptables?
Hi,
Thanks to all, now I entered the ports 8082, 8009, 8443 and 8005
(for shutdown) and now Tomcat works, but I can't shutdown. There
comes as usual:
Using CATALINA_BASE: /home/tomcat/tom
Add in the follow
iptables -A INPUT -j LOG
iptables -A OUTPUT -j LOG
Then do
dmesg -c 2&> /dev/null;
Now do a shutdown then
dmesg | grep 127.0.0.1
or just
dmesg
if you are running a cluster
What ever comes out is what you are blocking on the local machine I
would suggest you do
i
on linux, it's
$CATALINA_HOME/logs/catalina.out
> -Original Message-
> From: Martin Gainty [mailto:[EMAIL PROTECTED]
> Sent: Friday, December 16, 2005 11:18 AM
> To: Tomcat Users List
> Subject: Re: Tomcat and iptables?
>
>
> Sebastian-
&g
ED]>
To: "Tomcat Users List"
Sent: Friday, December 16, 2005 11:52 AM
Subject: Re: Tomcat and iptables?
Hi,
Thanks to all, now I entered the ports 8082, 8009, 8443 and 8005
(for shutdown) and now Tomcat works, but I can't shutdown. There
comes as usual:
Using CATALINA_B
Sebastian-
send us the logs specifically stdout_MMDD.log
Martin-
- Original Message -
From: "Sebastian Funk" <[EMAIL PROTECTED]>
To: "Tomcat Users List"
Sent: Friday, December 16, 2005 11:52 AM
Subject: Re: Tomcat and iptables?
Hi,
Thanks to all, no
Hi,
Thanks to all, now I entered the ports 8082, 8009, 8443 and 8005 (for
shutdown) and now Tomcat works, but I can't shutdown. There comes as
usual:
Using CATALINA_BASE: /home/tomcat/tomcat
Using CATALINA_HOME: /home/tomcat/tomcat
Using CATALINA_TMPDIR: /home/tom
Look at the connectors you have enabled in server.xml. All those should
be included. The shutdown port does not need to be included since it
binds to localhost.
-- David
Sebastian Funk wrote:
Hi,
I've run a Tomcat-server and it worked fine. Now I've installed
"iptables&q
Users List
Subject: Tomcat and iptables?
Hi,
I've run a Tomcat-server and it worked fine. Now I've installed
"iptables" and I'm getting some trouble. Wich port do I have to open
for tomcat? Only the 8080 doesn't seem to be enough.
> From: Sebastian Funk [mailto:[EMAIL PROTECTED]
> Subject: Tomcat and iptables?
>
> I've run a Tomcat-server and it worked fine. Now I've installed
> "iptables" and I'm getting some trouble. Wich port do I have to open
> for tomcat? Only th
Hi,
I've run a Tomcat-server and it worked fine. Now I've installed
"iptables" and I'm getting some trouble. Wich port do I have to open
for tomcat? Only the 8080 doesn't seem to be enough. What else?
39 matches
Mail list logo