Tim wrote:
On Thu, 2012-10-04 at 12:45 -0700, Mark Space wrote:
I'm not sure where I could have fubared this. I did try to redirect
the ports from 80 to 8080, perhaps that was done incorrectly?
You've tested that you can browse to localhost on port 80, but have you
also tested that web server is listening to port 8080, by browsing to
that port on the same machine (or over ssh)?
Why are you redirecting, though? If there's a block on port 80, then
your attempt to get in on port 80 and redirect to port 8080 isn't going
work. Which way are you *trying* to redirect?
Last time I played with redirection (long ago), I did it to the input
and/or NAT rules, not the output rules. Redirecting incoming
connections on a port that would be allowed, to the port that was
listening.
## Redirect webserver visitors past my ISP's firewalling (blocking port 80):
## incoming port 8000 connections sent to the port 80 listening server
iptables --table nat --append PREROUTING --protocol tcp --dport 8000 --jump REDIRECT --to-port 80
But, it can be easier to just have the server listen to the port that's
not blocked, and not do any redirection.
OP found that out, good to listen to the source IP rather than just loopback. I
did get familiar with REDIRECT, though, which I'd not used. All the things I
have ever done were with DNAT, although I dimly remember that when learning
iptables (when it first came into Linux) I saw it but needed DNAT instead.
The good old days of writing perl to convert ipchains to iptables scripts, like
many other things they are more fun to remember than repeat.
--
Bill Davidsen <davidsen@xxxxxxx>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org