|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] iptables masquerading, port blocking and port forwarding
|
On Fri, Aug 31, 2007 at 09:33:36PM -0400, Sonny To wrote:
> I want to run Jetty on port 80 instead of apache httpd but don't want
> it to run as root.
>
> $IPTABLES -t nat -A PREROUTING -p tcp -i $EXTIF --dport 80 -j DNAT
> --to 192.168.1.2:7070
>
> the above works if I did not have the below:
>
> $IPTABLES -A INPUT -j ACCEPT -p tcp --destination-port 80 -i $EXTIF
> $IPTABLES -A INPUT -j DROP -p tcp -i $EXTIF
>
> How can I get port forwarding port 80 to port 7070 while blocking all
> other ports?
In addition to allowing port 80 specifically, also allow the port you're
redirecting to; in this case, port 7070.
-mct
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|