Anil,
On 15.5.2013 13:42, Anil Goyal -X (anigoyal - Aricent Technologies at
Cisco) wrote:
We are using tomcat version 7.0.25 and in server.xml, we have two connector
port defined:80 (http)and 443(https).
In /etc/sysconfig/iptables, we have redirect logic written that will redirect
the request coming at port 8080 to port 80, and request coming at port 8443 to
443.
-A PREROUTING -p tcp -m tcp --dport 8443 -j REDIRECT --to-ports 443
-A PREROUTING -p tcp -m tcp --dport 8080 -j REDIRECT --to-ports 80
Your configuration is a bit unusual. You have Tomcat running on port 80,
but you add prerouting rule to iptables, so that Tomcat will also
respond to port 8080, right? Would you explain what is your motivation
for such configuration?
Now when I hit the url 'http://request-uri:8080/context, then I am getting the
desire response. I have below query:
1. Will the request firstly go to iptables before tomcat ?
Yes.
2. If request firstly go to iptable then it check that 8080 is redirect
to port 80 then url change to 'http://request-uri:80/context' and it then land
to tomcat and tomcat respond to it. Now in tomcat access logs, the requesting
port corresponding to this request is 8080. So why it is 8080 in tomcat access
logs.? Please revert on this. I think because iptables redirect 8080 to 80 so
tomcat receives the request at port 80 so in tomcat access logs, requestiong
port should be 80.
Iptables will not change the URL. Iptables merely redirects all packets
received on port 8080 to port 80. It will not alter the contents of the
packets. Therefore, Tomcat will receive your HTTP request as it is sent
by your browser -- which means it will contain port 8080 and not port
80. Tomcat processes the requests and logs the port as it is received,
and that is 8080.
BTW, AccessLogValve does not log port by default, I assume you are using
your own logging pattern.
-Ognjen
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org