On Linux, binding to a port below 1024 requires root privileges.
Running Tomcat as root is unwise. Instead, start Tomcat as a non-root user listening on port 8080, then use port forwarding so that traffic arriving on port 80 is delivered to it.
Port forwarding:
# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING     Append a new rule to the PREROUTING chain
-p tcp            Match the TCP protocol
--dport 80        Specify the destination port
-j REDIRECT       Jump to the REDIRECT target
--to-ports 8080   Specify the port to redirect to
Loopback traffic (for example to localhost) does not pass through the PREROUTING chain, so if you need the redirect to work for localhost as well, add this rule (credit to @Francesco):
# iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 80 -j REDIRECT --to-ports 8080
Note: the above solution is not well suited for multi-user systems, as any user can open port 8080 (or whichever high port you decide to use), thus intercepting the traffic. (Credits to CesarB.)
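A check for the multi-user risk in the note above, as an added example (not part of the original article): it reads socket tables in /proc/net/tcp format and reports whether the redirect target port is held by the expected account. The function names, the UID 1001 standing in for the Tomcat account, and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example: which UID owns the LISTEN socket on the redirect target port?
# Input uses the /proc/net/tcp or /proc/net/tcp6 layout (file arguments, or stdin).

# listener_uids PORT [FILE...] : print the unique UIDs listening on PORT, one per line.
listener_uids() {
    port_hex=$(printf '%04X' "$1"); shift
    awk -v want="$port_hex" '
        $1 ~ /^[0-9]+:$/ {                 # socket rows only; skips the header line
            n = split($2, local, ":")      # local_address is HEXADDR:HEXPORT
            if (toupper(local[n]) == want && $4 == "0A")   # 0A = LISTEN state
                uids[$8] = 1               # column 8 is the owning UID
        }
        END { for (u in uids) print u }
    ' "$@" | sort -n
}

# check_listener PORT EXPECTED_UID [FILE...]
#   0: only EXPECTED_UID listens on PORT
#   1: nobody listens, so any local user could bind PORT and receive redirected traffic
#   2: a different UID holds PORT
check_listener() {
    port=$1; expected=$2; shift 2
    found=$(listener_uids "$port" "$@")
    if [ -z "$found" ]; then
        echo "port $port: no listener" >&2; return 1
    elif [ "$found" = "$expected" ]; then
        echo "port $port: owned by uid $expected"; return 0
    else
        echo "port $port: held by unexpected uid(s): $(echo $found)" >&2; return 2
    fi
}

# Constructed sample in /proc/net/tcp layout (assumed UIDs): uid 1001 listens on
# 8080 (1F90), uid 1002 listens on 8088 (1F98), plus one established connection.
sample_proc_net_tcp() {
    cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1001        0 20001 1 0000000000000000 100 0 0 10 0
   1: 00000000:1F98 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1002        0 20002 1 0000000000000000 100 0 0 10 0
   2: 0100007F:1F90 0100007F:C350 01 00000000:00000000 00:00000000 00000000  1001        0 20003 1 0000000000000000 20 4 30 10 -1
EOF
}
```

On a live host, pass both tables, for example `check_listener 8080 "$(id -u tomcat)" /proc/net/tcp /proc/net/tcp6` (the account name `tomcat` is an assumption), since a dual-stack listener appears only in the IPv6 table.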
To delete the PREROUTING redirect rule, first list the rules with their line numbers:
# iptables -t nat --line-numbers -n -L
This would output something like:
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination
1    REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:8080 redir ports 8088
2    REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 redir ports 8080
The rule you are interested in is number 2, so to delete it:
# iptables -t nat -D PREROUTING 2
Making the iptables rules survive a reboot:
iptables-persistent for Debian/Ubuntu
Since Ubuntu 10.04 LTS (Lucid) and Debian 6.0 (Squeeze) there is a package named "iptables-persistent" which takes over the automatic loading of the saved iptables rules. For this to work, the rules must be saved in the file /etc/iptables/rules.v4 for IPv4 and /etc/iptables/rules.v6 for IPv6.
To use it, the package simply needs to be installed.
# apt-get install iptables-persistent
You can then use iptables-save (which requires root permissions) to save the rules permanently; they will take effect automatically the next time the system starts.