Okay great. I'll check the docs on that once I get the server side stuff running right. Thanks for all the hel.
Roberto David Smith <[EMAIL PROTECTED]> 08/15/2005 10:59 AM Please respond to "Tomcat Users List" <tomcat-user@jakarta.apache.org> To Tomcat Users List <tomcat-user@jakarta.apache.org> cc Subject Re: Security Questions Regarding Tomcat Regardless of what you put up in front of tomcat to act as the proxy host, you'll most likely need the proxyPort and proxyName attributes in your connector so tomcat can write urls correctly as needed (like in sending external redirects). I do this setup myself on some stuff when I'm using mod_rewrite to map servlet material into an Apache site. --David Robert V. Coward/CTR/OSAGWI wrote: >Got it. I've done that, and i figured out that i can not use ipfilter as a >"reflector". That is it is not very easy to use rdr to map packets from >192.168.0.20 port 80 -> 192.168.0.20 port 8080. >That is precisely what I wanted to do.force NAT to rewrite packets coming >in on one port to another port and have tomcat answer normally. I got >confused when I saw the proxying info inside the server.xml file. Looks >like I'll have to get a real proxy server. Thanks. > >Roberto > > > >Hassan Schroeder <[EMAIL PROTECTED]> >08/15/2005 10:30 AM >Please respond to >"Tomcat Users List" <tomcat-user@jakarta.apache.org> > > >To >Tomcat Users List <tomcat-user@jakarta.apache.org> >cc > >Subject >Re: Security Questions Regarding Tomcat > > > > > > >Robert V. Coward/CTR/OSAGWI wrote: > > >>Understood. But I do not want to use Tomcat proxying services. I just >> >> >want > > >>to host 8080 locally and let my ipfilter firewall block and proxy for >> >> >me. > >Then the default Tomcat configuration of listening on port 8080 is >just what you need. I highly recommend making a copy of the original >server.xml and then stripping out the examples before doing anything >else; greatly improves readability. :-) > >If you're still uncertain about Tomcat's configuration, i.e., what >port(s) it's listening on, you could run netstat and/or nmap before >and after starting it, and compare the results. > >FWIW! > > -- ======================================= David Smith Network Operations Supervisor Department of Entomology College of Agriculture & Life Sciences Cornell University 2132 Comstock Hall Ithaca, NY 14853 Phone: 607.255.9571 Fax: 607.255.0939 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
