RE: IPTABLES

2006-10-27 Thread Asensio, Rodrigo
, 2006 2:43 AM To: Tomcat Users List Subject: Re: IPTABLES > Im running a tomcat in port 80 without httpd I want redirect packages > from 80 to 8080 because tomcat is running as tomcat user (cant run as > other non root under port 1025) and I tried the IPTABLES redirection > aproach but

Re: IPTABLES

2006-10-20 Thread Christopher Schultz
Paul, > PS if you know how to configure iptables to also > forward internal requests to localhost:8080 please > pass it on! Linux's iptables can certainly re-route localhost ports as well as incoming ports. You just need additional configuration. See the post from "Johannes" from a few hours ago

Re: IPTABLES

2006-10-20 Thread Paul Singleton
ditional research on the subject. And that those who run things in a chroot jail must be real paranoid freaks. And now this post is way off topic. Doug - Original Message - From: "Paul Singleton" <[EMAIL PROTECTED]> To: "Tomcat Users List" Sent: Thursd

Re: IPTABLES

2006-10-20 Thread Johannes
" ;; esac -Originalmeddelande- From: Paul Singleton [EMAIL PROTECTED] Date: Fri, 20 Oct 2006 01:22:30 +0200 To: Tomcat Users List users@tomcat.apache.org Subject: Re: IPTABLES > Christopher Schultz wrote: > > > Apache httpd is configured out of the box to st

Re: IPTABLES

2006-10-19 Thread Gaƫl Lams
Im running a tomcat in port 80 without httpd I want redirect packages from 80 to 8080 because tomcat is running as tomcat user (cant run as other non root under port 1025) and I tried the IPTABLES redirection aproach but doesnt work I performed the same setup to have tomcat running on 8080 but u

Re: IPTABLES

2006-10-19 Thread Parsons Technical Services
post is way off topic. Doug - Original Message - From: "Paul Singleton" <[EMAIL PROTECTED]> To: "Tomcat Users List" Sent: Thursday, October 19, 2006 7:21 PM Subject: Re: IPTABLES Christopher Schultz wrote: Apache httpd is configured out of the box to star

Re: IPTABLES

2006-10-19 Thread Paul Singleton
Christopher Schultz wrote: Apache httpd is configured out of the box to start up as root, bind to port 80 (or really any port), and then drop its privileges to the httpd user. Without some really nasty code, Tomcat is unable to do the same thing, so we're forced to do silly things like internal

RE: IPTABLES

2006-10-19 Thread Asensio, Rodrigo
From: Parsons Technical Services [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 18, 2006 10:43 PM To: Tomcat Users List Subject: Re: IPTABLES Rodrigo, Since it appears that you have not gotten an answer, I will take a stab at this. I am running CentOS 4 on one of my boxes and I used this meth

Re: IPTABLES

2006-10-18 Thread Parsons Technical Services
Rodrigo, Since it appears that you have not gotten an answer, I will take a stab at this. I am running CentOS 4 on one of my boxes and I used this method. I think you are running into the same issue I did with iptables. Open the iptables file in /etc/sysconfig. DO NOT edit it here. Just look a

RE: IPTABLES

2006-10-18 Thread Caldarale, Charles R
> From: Christopher Schultz [mailto:[EMAIL PROTECTED] > Subject: Re: IPTABLES > > So, I suppose the answer to this guy's question is, "why are > you trying to fiddle with iptables when you could use jsvc?" Different strokes for different folks. If you don't

Re: IPTABLES

2006-10-18 Thread Christopher Schultz
Chuck, >> Without some really nasty code, Tomcat is unable to do the same >> thing, so we're forced to do silly things like internal port >> forwarding, etc. > > Didn't realize that jsvc was considerd "really nasty", since I suspect > it's doing the exact same thing httpd is at startup. I've ne

RE: IPTABLES

2006-10-18 Thread Caldarale, Charles R
> From: Christopher Schultz [mailto:[EMAIL PROTECTED] > Subject: Re: IPTABLES > > Without some really nasty code, Tomcat is unable to do the same > thing, so we're forced to do silly things like internal port > forwarding, etc. Didn't realize that jsvc was consi

Re: IPTABLES

2006-10-18 Thread Christopher Schultz
Chuck, > P.S. Apache is an organization of open-source developers; httpd is the > web server product of that organization. Forgive me... s/(Apache)/\1 httpd/g >> : Yet another reason to front Tomcat with Apache: access to >> port 80. I'll have to add that to my laundry list of why I like to use

RE: IPTABLES

2006-10-18 Thread Caldarale, Charles R
> From: Christopher Schultz [mailto:[EMAIL PROTECTED] > Subject: Re: IPTABLES > > : Yet another reason to front Tomcat with Apache: access to > port 80. I'll have to add that to my laundry list of why I like to use > Apache in front of Tomcat. ;) Why doesn't httpd

Re: IPTABLES

2006-10-18 Thread Christopher Schultz
Rodrigo, > I tried the IPTABLES redirection aproach but doesnt work. Did you get an error message? Or, does the configuration appear to work (i.e. no errors) but then doesn't actually end up working? Try using the LOG rule to dump output into the kernel log, and observe that. Logging can help yo