Antony P Joseph on 2 Sep 2007 18:42:38 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] iptables masquerading, port blocking and port forwarding


HI
> I want to run Jetty on port 80 instead of apache httpd but don't want
> it to run as root.

doesn't Jetty support "bind port 80; setuid(no-root-user); accept on
port 80" sequence?
  If Jetty can not do this sequence, I do not think you should run Jetty
and look for another webserver suited to you

> 
> $IPTABLES -t nat -A PREROUTING -p tcp -i $EXTIF --dport 80 -j DNAT
> --to 192.168.1.2:7070
Is the IP address rewritten  with your machine's IP address when DNAT is
taking place? Is not it possible for you to add an accept rule using the
previous question if the answer is true. 

With regards
Antony

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug