On 7.9.2010 9:51, Pid wrote:
3. Iptables
Actually, remarkably simple to implement. Should be properly documented
within your organisation because it might be hard to discover for less
familiar users.
If you are talking about NAT, like in this example:
=====
*nat
:OUTPUT ACCEPT [93:16135]
:POSTROUTING ACCEPT [93:16135]
:PREROUTING ACCEPT [2:759]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
COMMIT
-----
I would add that it have two drawbacks:
1. NAT is not supported in ip6tables (IPv6 version of iptables), and
probably never will be
2. Virtual hosts with https might serve wrong certificates
JSVC, on the other hand, worked fine for me.
Regards,
Ognjen
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
