good to know! fillup
On 6/6/02 11:17 AM, "James Williamson" <[EMAIL PROTECTED]> wrote: > Actually, you shouldn't need to, on my box it only binds itself itself to the > loopback > interface. If you're on a Un*x box try a netstat -lp -t to see the > interface(s) > it's listening > on, hopefully you should see something like this: > > tcp 0 0 localhost:8005 *:* LISTEN > 21700/java > > >> and while you're at it, you should block 8005 as someone else pointed out >> very intelligently the other day. >> >> 8005 is tomcat's control port (i don't know the official name). If you >> type: >> >> telnet nameoftomcatserver 8005 >> >> Once you connect, type >> SHUTDOWN >> and hit return. >> >> Tomcat will shut down. >> >> So you need to block this port as well, probably from every machine except >> localhost (it needs to be accessible from localhost if you want tomcat's >> shutdown script to be able to shut it down!). >> >> fillup >> >> On 6/6/02 11:04 AM, "Wagoner, Mark" <[EMAIL PROTECTED]> wrote: >> >>> Here are a couple: >>> >>> http://netfilter.samba.org/documentation/ >>> >>> http://www.linuxguruz.org/iptables/howto/iptables-HOWTO.html >>> >>> >>> Note that IPTables is for kernel version 2.4.x, 2.2.x used IPChains (you can >>> find documentation on IPChains at these sites also). >>> >>> HTH >>> >>> -----Original Message----- >>> From: "Bührle, Martin, FCI1" [mailto:[EMAIL PROTECTED]] >>> Sent: Thursday, June 06, 2002 1:43 PM >>> To: 'Tomcat Users List' >>> Subject: AW: Access-Control for Tomcat-Webserver (Version 4.0.1) >>> >>> >>> Can You give me an hint how to configure the IPTables or where to read about >>> this? >>> Thanks. >>> >>> >>> Gruesse >>> Martin Buehrle >>> >>> _________________________________________________________________________ >>> Martin Buehrle, FCI1 >>> EADS - European Aeronautic Defence and Space Company >>> LFK-Lenkflugkoerpersysteme GmbH >>> Postfach 1661 >>> 85705 UNTERSCHLEISSHEIM >>> Telefon: +49 89 3179-8460 >>> Telefax: +49 89 3179-8927 >>> eMail: [EMAIL PROTECTED] >>> _________________________________________________________________________ >>> >>> >>> >>>> -----Ursprüngliche Nachricht----- >>>> Von: Wagoner, Mark [SMTP:[EMAIL PROTECTED]] >>>> Gesendet am: Donnerstag, 6. Juni 2002 19:17 >>>> An: 'Tomcat Users List' >>>> Betreff: RE: Access-Control for Tomcat-Webserver (Version 4.0.1) >>>> >>>> Sorry, I guess I should have read your question more closely. :o/ >>>> >>>> If you are on Linux you can block the request using IPTables when the >>>> source >>>> is outside your intranet. >>>> >>>> Otherwise, you may have to write a filter that examines the server port >>>> and >>>> requesting IP address. >>>> >>>> >>>> -----Original Message----- >>>> From: "Bührle, Martin, FCI1" [mailto:[EMAIL PROTECTED]] >>>> Sent: Thursday, June 06, 2002 12:38 PM >>>> To: 'Tomcat Users List' >>>> Subject: AW: Access-Control for Tomcat-Webserver (Version 4.0.1) >>>> >>>> >>>> Hi Mark, >>>> >>>> I cannot remove the standalone-service, because I need it for testing. Due >>>> to a bug I am not able to see changes out of my CMS-Servlet via >>>> WARP-Connector and Apache immediately. I just can see it under Port 8080 / >>>> Tomcat-Standalone-Server until I restart Tomcat in the night. >>>> >>>> We will work on this bug and in the meantime we need another >>>> access-control-solution. >>>> >>>> Thanks for reply. >>>> >>>> >>>> Gruesse >>>> Martin Buehrle >>>> >>>> _________________________________________________________________________ >>>> Martin Buehrle, FCI1 >>>> EADS - European Aeronautic Defence and Space Company >>>> Postfach 1661 >>>> 85705 UNTERSCHLEISSHEIM >>>> Telefax: +49 89 3179-8927 >>>> eMail: [EMAIL PROTECTED] >>>> _________________________________________________________________________ >>>> >>>> >>>> >>>>> -----Ursprüngliche Nachricht----- >>>>> Von: Wagoner, Mark [SMTP:[EMAIL PROTECTED]] >>>>> Gesendet am: Donnerstag, 6. Juni 2002 18:13 >>>>> An: 'Tomcat Users List' >>>>> Betreff: RE: Access-Control for Tomcat-Webserver (Version 4.0.1) >>>>> >>>>> Since you are using WARP exclusively, you can remove the >>>>> "Tomcat-Standalone" >>>>> service from your server.xml file. After you restart Tomcat, it will no >>>>> longer be listening for HTTP requests. >>>>> >>>>> -----Original Message----- >>>>> From: "Bührle, Martin, FCI1" [mailto:[EMAIL PROTECTED]] >>>>> Sent: Thursday, June 06, 2002 12:01 PM >>>>> To: '[EMAIL PROTECTED]' >>>>> Subject: Access-Control for Tomcat-Webserver (Version 4.0.1) >>>>> >>>>> >>>>> Hi List, >>>>> >>>>> >>>>> we have built up a closed Intranet for our employees with an TOmcat >>>>> (4.0.1), >>>>> Apache and WARP-Connector - Configuration >>>>> and Apache access-control, using the <LOCATION> - directive from Apache. >>>>> >>>>> Our Intranet - Content is served by a Tomcat-servlet. >>>>> >>>>> >>>>> The only problem we have, is that you can still reach the content of the >>>>> CMS-servlet under port 8080 from outside our business unit, because this >>>>> port is the standard-tomcat HTTP-Server and the apache-access-control >>>>> doesnt >>>>> work in this case. >>>>> >>>>> Within the closed intranet we need this tomcat-http-server for testing, >>>> so >>>>> I >>>>> need an access-control feature like the <Location>-directive in apache, >>>>> closing the port 8080 is not a solution so far. >>>>> >>>>> Does anybody know what to to? >>>>> >>>>> Thanks for Your help! >>>>> >>>>> >>>>> >>>>> >>>>> Gruesse >>>>> Martin Buehrle >>>>> >>>>> >>>> _________________________________________________________________________ >>>>> Martin Buehrle, FCI1 >>>>> EADS - European Aeronautic Defence and Space Company >>>>> Postfach 1661 >>>>> 85705 UNTERSCHLEISSHEIM >>>>> Telefax: +49 89 3179-8927 >>>>> eMail: [EMAIL PROTECTED] >>>>> >>>> _________________________________________________________________________ >>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> To unsubscribe, e-mail: >>>>> <mailto:[EMAIL PROTECTED]> >>>>> For additional commands, e-mail: >>>>> <mailto:[EMAIL PROTECTED]> >>>>> >>>>> -- >>>>> To unsubscribe, e-mail: >>>>> <mailto:[EMAIL PROTECTED]> >>>>> For additional commands, e-mail: >>>>> <mailto:[EMAIL PROTECTED]> >>>> >>>> -- >>>> To unsubscribe, e-mail: >>>> <mailto:[EMAIL PROTECTED]> >>>> For additional commands, e-mail: >>>> <mailto:[EMAIL PROTECTED]> >>>> >>>> -- >>>> To unsubscribe, e-mail: >>>> <mailto:[EMAIL PROTECTED]> >>>> For additional commands, e-mail: >>>> <mailto:[EMAIL PROTECTED]> >>> >>> -- >>> To unsubscribe, e-mail: >>> <mailto:[EMAIL PROTECTED]> >>> For additional commands, e-mail: >>> <mailto:[EMAIL PROTECTED]> >>> >>> -- >>> To unsubscribe, e-mail: >>> <mailto:[EMAIL PROTECTED]> >>> For additional commands, e-mail: >>> <mailto:[EMAIL PROTECTED]> >>> >> >> -- >> To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> >> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>