Shulou(Shulou.com)06/02 Report--

Application scenario

In many cases, we install software such as tomcat or nginx on the linux server.

When we want to use port 80, we will report an error if we do not use root user startup.

This is because, for linux systems, ports below 1024 are not available to ordinary users.

There are two kinds of solutions on the Internet, one is to give root permission to files.

Another kind is to do the port jump. I think maybe the port jump may be safer. Just focus on how to configure it.

IPTABLES

Here we mainly do is the local port jump, I mainly talk about how to set and delete.

For more information about iptables, you can refer to a lot of materials on the Internet.

Add a mapping for a port

Now we're going to do one thing, assuming that we have tomcat. 0 installed on our linux. The default access port is 8080.

Now I want to be able to access tomcat when the user accesses port 80.

Just execute the command under the root user

Iptables-t nat-A PREROUTING-p tcp-dport 80-j REDIRECT-to-port 8080

-t nat: indicate what table I want to operate. If you don't write, it means filter. Default is filter)

-A PREROUTING: the meaning added by A. Means I want to add a rule to PREROUTING

-dport 80: if port 80 is requested.

-to-port 8080: then go to port 8080.

The tests are as follows:

How to delete a rule

As we can see from the above, we added the rules in the PREROUTING of the nat table.

So we have to delete this rule from the PREROUTING of the nat table.

Iptables-t nat-L-nv-- line-numbers

The purpose of this command is to list the rules in the nat table and give a num.

Then we can use the id to delete the rule.

If you do not write-t nat, then the default search is the filter table. Then there is no way to find the rules.

You can delete the rule by using this statement.

-t nat: indicates that I want to manipulate this table, not indicating that it is filter.

-D: indicates that the delete operation is performed

PREROUTING: indicates which chain in the nat table. The number 1 is the num in the image above.

Summary

I did the following experiments: nginx occupies port 80. Tomcat occupies port 8080.

Turn on nginx,tomcat

1. If the jump is enabled, then the nginx will not be accessed. Because when accessing port 80, I jumped to port 8080.

If you turn off the port jump, you can access nginx.

It can be seen from the above that the port jump will not occupy the port.

If adding rule access does not achieve the desired effect, clear browser cache is fine.

All the above operations disappear after restart. If you want to keep the operation, execute service iptables restart

Well, the above is the whole content of this article. I hope the content of this article has a certain reference and learning value for your study or work. Thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.