I run a servlet container that wants to listen on TCP 8080. I want to redirect TCP 80 on my machine to 8080 on the same machine.

If I do -t nat -I PREROUTING -i $IF -d $IP -p tcp --dport 80 -j REDIRECT --to-port 8080, it works in that I reach the 8080 server when I connect to 80. But I have to allow 8080 through. Is there a way to provide access to the 8080 server via port 80 without having to allow 8080?

Stating the problem a different way, suppose that for security-through-obscurity purposes you wanted sshd to appear as if it were running on 2200 via firewall rules. The above method of redirecting 2200 -> 22 would work, but not offer much help because 22 would still have to be open.

Thank you.
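An added example, not part of the original post: the rule set the question describes ("open") next to a variant ("strict") that accepts the real port only for connections conntrack recorded as originally addressed to the public port, using the conntrack match's `--ctorigdstport` option. The helper names `run` and `redirect_rules`, the interface `eth0` and the address `192.0.2.10` are assumptions made for illustration, and a default-deny INPUT policy is assumed.

```shell
#!/bin/sh
# Added example, not from the original post. Dry run by default: prints the
# iptables commands; set APPLY=1 (as root) to execute them instead.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$@"; fi
}

# redirect_rules MODE IF IP PUBLIC_PORT REAL_PORT   (hypothetical helper)
#   open   : the setup from the post; REAL_PORT is also reachable directly.
#   strict : REAL_PORT is accepted only for connections whose original
#            (pre-NAT) destination port was PUBLIC_PORT.
redirect_rules() {
    mode=$1 ifc=$2 ip=$3 pub=$4 real=$5
    case $mode in
    open|strict) ;;
    *) echo "unknown mode: $mode" >&2; return 2 ;;
    esac

    # nat/PREROUTING runs before filter/INPUT, so INPUT only ever sees the
    # rewritten destination port (REAL_PORT), never PUBLIC_PORT.
    run iptables -t nat -I PREROUTING -i "$ifc" -d "$ip" -p tcp \
        --dport "$pub" -j REDIRECT --to-ports "$real"

    if [ "$mode" = strict ]; then
        # conntrack keeps the original tuple for the whole connection, so
        # every redirected packet matches; a direct connection to REAL_PORT
        # has REAL_PORT as its original port and falls through to the policy.
        run iptables -I INPUT -i "$ifc" -p tcp --dport "$real" \
            -m conntrack --ctorigdstport "$pub" -j ACCEPT
    else
        run iptables -I INPUT -i "$ifc" -p tcp --dport "$real" -j ACCEPT
    fi
}

# Constructed sample values: eth0 and 192.0.2.10 (documentation address).
redirect_rules open   eth0 192.0.2.10 80 8080
redirect_rules strict eth0 192.0.2.10 80 8080
```

The same call with ports 2200 and 22 covers the sshd case from the post.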