Under Linux, Tomcat is mapped to 8080 ports using 80 ports __linux

Sometimes we have Tomcat installed on the service Linux server (port number 8080), and the company's requirement is to enter the URL without adding a port number to access it, which means that the browser has to access your Tomcat (port 8080) via port 80, for which there are two solutions:

1. The Linux system prohibits 10,241 ports from being used by non-root users, then you must log on with root to start Tomcat modified to port 80 (note: directly in Tomcat Server.xml to 80, the sudo command is not bootable and must be started by the root user login. ）

2. based on the root password is not casually can be obtained, so the general use of the second method (that is, port mapping) to achieve your purpose: The specific command is:

Iptables-t nat-a prerouting-p tcp--dport 80-j REDIRECT--to-port 8080

-T NAT: Indicates what table I want to manipulate. (without writing, it means filter. Default is Filter)

-a prerouting:a added meaning. Indicates that I want to add a rule to the prerouting

--dport 80: If 80 ports are requested.

--to-port 8080: Then go to port 8080.

The test is as follows:

Entering http://localhost:8080 and input http://localhost in the browser address bar can achieve the same effect. (the former is through mapping, the latter is direct access to the original address.) ) Delete map: iptables-t nat-l-nv--line-numbers

The function of this command is to list the rules in the NAT table and give Num.
Then we can use this ID to delete this rule.
If you do not write-t NAT then the default lookup is the filter table. Then you cannot find the rule.

Using this statement, you can delete this rule.

iptables-t nat-d prerouting 1

-T nat: Indicates that I want to manipulate this table, not to indicate that it is filter.
-D: Indicates that the delete operation was performed
Prerouting: Represents which chain in a NAT table. The following number 1 is the NUM in the figure above

It should be noted that the iptables on the Debian/ubuntu will not save the rule.

You need to follow these steps to have the NIC shutdown to save the iptables rule and load the iptables rule at startup:

1. Create/etc/network/if-post-down.d/iptables

Execution: chmod +x/etc/network/if-pre-up.d/iptables Add execute permissions.

File, add the following:

#!/bin/bash

Iptables-save >/etc/iptables.rules

Execution: chmod +x/etc/network/if-post-down.d/iptables Add execute permissions.

2. Create the/etc/network/if-pre-up.d/iptables file and add the following:

#!/bin/bash

Iptables-save </etc/iptables.rules

Execution: chmod +x/etc/network/if-pre-up.d/iptables Add execute permissions.