Solved

How to send all network traffic generated by tomcat/app_server to a proxy_host:port

Posted on 2014-11-13
1
318 Views
Last Modified: 2014-11-28
I am using a appserver/tomcat in the AWS (amazon web service) which is in private subnet. There is code inside appserver which talk with external authentication service. Now I have a proxy/NAT server (proxy:port) which has direct connectivity to external services.

Using iptables, How can I send all the network traffic request generated by tomcat/appserver via proxy:port so that tomcat/appserver can reach external authentication services?

Thanks!
0
Comment
Question by:beer9
1 Comment
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 40441644
you may want to check out the proxy setting for AWS iptables in /etc/sysconfig/iptables - note from the sharing that the below applies to all packets arriving from outside to any network interface. If you are running any applications on the same instance that need to talk to Tomcat on the HTTP port, you need to add another rule.
e.g. sudo /sbin/iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

and it also stated to include the proxyPort attribute in your HTTP connector config in server.xml (in this case): <Connector port="8080" proxyPort="80" .../>
Just to share other using similar for more examples
0

Featured Post

Give your grad a cloud of their own!

With up to 8TB of storage, give your favorite graduate their own personal cloud to centralize all their photos, videos and music in one safe place. They can save, sync and share all their stuff, and automatic photo backup helps free up space on their smartphone and tablet.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now