Re: [PLUG] iptables masquerading, port blocking and port forwarding

Antony P Joseph on 2 Sep 2007 18:42:38 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] iptables masquerading, port blocking and port forwarding

From: Antony P Joseph <antony@panathara.org>

To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Subject: Re: [PLUG] iptables masquerading, port blocking and port forwarding

Date: Sun, 02 Sep 2007 14:40:36 -0400

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

HI > I want to run Jetty on port 80 instead of apache httpd but don't want > it to run as root. doesn't Jetty support "bind port 80; setuid(no-root-user); accept on port 80" sequence? If Jetty can not do this sequence, I do not think you should run Jetty and look for another webserver suited to you > > $IPTABLES -t nat -A PREROUTING -p tcp -i $EXTIF --dport 80 -j DNAT > --to 192.168.1.2:7070 Is the IP address rewritten with your machine's IP address when DNAT is taking place? Is not it possible for you to add an accept rule using the previous question if the answer is true. With regards Antony ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Prev by Date: Re: [PLUG] honeypot

Next by Date: [PLUG] Network based RAM

Previous by thread: Re: [PLUG] honeypot

Next by thread: [PLUG] Network based RAM

Index(es):

Date

Thread