zoukankan      html  css  js  c++  java
  • 普通用户从非80端口启动tomcat,通过端口转发监听80端口

    linux下小于1024的端口都需要root去绑定。

    root权限启动tomcat是不明智的,可以使用非root权限启动tomcat监听8080端口,然后利用端口转发实现对80端口的监听。

    端口转发:

    # iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

    -A PREROUTING 添加新规则
    -p 检查tcp协议
    --dport 80 指定目标端口
    -j REDIRECT 目标跳转
    --to-prot 8080 指定源端口

    As loopback devices (like localhost) do not use the prerouting rules, if you need to use localhost, etc., add this rule as well (thanks @Francesco):

    # iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 80 -j REDIRECT --to-ports 8080

    NOTE: The above solution is not well suited for multi-user systems, as any user can open port 8080 (or any other high port you decide to use), thus intercepting the traffic. (Credits to CesarB).

    to delete the above rule:

    # iptables -t nat --line-numbers -n -L

    This will output something like:

    Chain PREROUTING (policy ACCEPT)
    num  target     prot opt source               destination         
    1    REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:8080 redir ports 8088
    2    REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 redir ports 8080

    The rule you are interested in is nr. 2, so to delete it:

    # iptables -t nat -D PREROUTING 2

    解决iptables重启后失效的问题:

    iptables-persistent for Debian/Ubuntu
    Since Ubuntu 10.04 LTS (Lucid) and Debian 6.0 (Squeeze) there is a package with the name "iptables-persistent" which takes over the automatic loading of the saved iptables rules. To do this, the rules must be saved in the file /etc/iptables/rules.v4 for IPv4 and /etc/iptables/rules.v6 for IPv6.
    For use, the package must simply be installed.

    # apt-get install iptables-persistent

    然后使用 iptables-save (需要 root权限)就可以永久保存了,下次启动就会直接生效。

  • 相关阅读:
    深度神经网络的优化算法
    Python 正则表达式
    《java面试十八式》第一式 --冈本零点零一
    《java面试十八式》--引子
    Redis第二讲【Redis基本命令和五大数据结构】
    redis第一讲【redis的描述,linux和docker下的安装使用】
    springboot中的pom文件是如何管理依赖的
    详谈springboot启动类的@SpringBootApplication注解
    工具类中注入service和dao
    windows下安装ssdb
  • 原文地址:https://www.cnblogs.com/welhzh/p/4706328.html
Copyright © 2011-2022 走看看