linux配置端口映射

  1. 云栖社区>
  2. 博客>
  3. 正文

linux配置端口映射

填坑大人 2016-01-07 12:49:47 浏览465

在使用非root用户启动tomcat时,如果tomcat配置为80端口,会报Permission denied错误,如:

an 07, 2016 12:19:47 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-80"]
Jan 07, 2016 12:19:47 PM org.apache.coyote.AbstractProtocol init
SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-bio-80"
]
java.net.BindException: Permission denied <null>:80
	at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:411)
	at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:640
)
	at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:434)
	at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11Jss
eProtocol.java:119)
	at org.apache.catalina.connector.Connector.initInternal(Connector.java:978)
	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
	at org.apache.catalina.core.StandardService.initInternal(StandardService.java
:559)

在网上查询后,把tomcat改回8080端口,然后配置linux端口映射80到8080端口。

配置方式一、命令行方式。

(1)配置映射

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

(2)保存配置。如果不保存,重启后此映射将失效

service iptables save

配置方式二、修改/etc/sysconfig/iptables文件,修改后要执行 service iptables restart重启防火墙。配置如:

# Generated by iptables-save v1.4.7 on Thu Jan  7 12:37:28 2016
*nat
:PREROUTING ACCEPT [687:71239]
:POSTROUTING ACCEPT [2:124]
:OUTPUT ACCEPT [2:124]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
COMMIT
# Completed on Thu Jan  7 12:37:28 2016
# Generated by iptables-save v1.4.7 on Thu Jan  7 12:37:28 2016
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [145:11884]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited