Re: opening connection for Tomcat

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Gianni Pucciani <gp.puccio@tin.it>
To: Rob Sterenborg <rob@sterenborg.info>
Cc: Netfilter <netfilter@lists.netfilter.org>
Subject: Re: opening connection for Tomcat
Date: Thu, 08 Apr 2004 22:13:01 +0200	[thread overview]
Message-ID: <4075B24D.1020601@tin.it> (raw)
In-Reply-To: <1081446600.2453.63.camel@katala.sterenborg.info>

Ok, I've fixed the problem: it seems that the address 0.0.0.0 is no good.

Many thanks

Gianni
Rob Sterenborg wrote:

>On Thu, 2004-04-08 at 18:30, Alexis wrote:
>  
>
>>you must change to OUTPUT the first rule at least. you're filtering all
>>outgoing packets.
>>
>>    
>>
>
>In these rules I only see policy ACCEPT for the OUTPUT chain, so IMHO
>there's no filtering there.
>
>  
>
>>>Hi all,
>>>I was in trouble opening a port for services with tomcat:
>>>Is this rule right? I'm behind an adsl router that forward every
>>>connection on port 8080 to <myprivateip>.
>>>
>>>iptables -P INPUT DROP
>>>iptables -P OUTPUT ACCEPT
>>>iptables -P FORWARD DROP
>>>
>>>iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
>>>iptables -A INPUT -p tcp -d <myprivateip> --dport 8080 -s 0.0.0.0 -m
>>>state --state NEW -j ACCEPT
>>>      
>>>
>
>Is your Tomcat listening on 8080/tcp ? (netstat -an|grep 8080)
>Are you sure that your router is forwarding all connections ?
>
>Check with a logging rule between the -m state and the -p tcp rules to
>see what's going on (if there is) :
>
>iptables -A INPUT -j LOG --log-prefix "_ipt:check"
>
>
>Gr,
>Rob
>
>
>
>
>  
>

next prev parent reply	other threads:[~2004-04-08 20:13 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-04-08 15:13 opening connection for Tomcat Gianni Pucciani
2004-04-08 16:01 ` ro0ot
2004-04-08 16:30 ` Alexis
2004-04-08 17:50   ` Rob Sterenborg
2004-04-08 18:08     ` Alexis
2004-04-08 20:13     ` Gianni Pucciani [this message]
2004-04-08 21:53       ` Antony Stone
2004-04-08 23:18         ` Frank Gruellich
2004-04-09  6:28         ` Gianni Pucciani
2004-04-09  6:56           ` giorgio.zarrelli
2004-04-09 22:59             ` Antony Stone
2004-04-09  7:23           ` Rob Sterenborg
2004-04-09 13:50           ` Alexis
2004-04-09  1:05       ` Alexis
2004-04-08 17:55   ` Gianni Pucciani

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4075B24D.1020601@tin.it \
    --to=gp.puccio@tin.it \
    --cc=netfilter@lists.netfilter.org \
    --cc=rob@sterenborg.info \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.