Hello,

I'm setting up a pair of machines, one of which is running tomcat, and the
other of which is running apache.  I am using ajp13 to connect the two
machines, and am trying to configure an iptables firewall on the apache
machine (the tomcat machine will be next).

The roadblock that I'm running into is that I don't know which ports
will be used as the destination ports on the apache machine when tomcat
replies.  The ports that I set up in server.xml and in
workers.properties are the source of my replies...

Looking at my syslog log file, I see that I'm getting information sent
to ports 32769 up through 32792 (and maybe even more, I haven't looked
through them that much yet).  An example line is included below:

Sep 12 11:42:51 web1 kernel: INT_IN DROP 7 IN=eth1
OUT=MAC=00:30:48:11:69:a8:00:b0:d0:e1:cc:0f:08:00 SRC=192.168.1.32
DST=192.168.1.21 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP
SPT=8011 DPT=32794 WINDOW=5792 RES=0x00 ACK SYN URGP=0 

Where is this port configured (if it's configurable)?  Or, does anyone
know which ports I need to be leaving open?

Thanks very much for any help!

Sincerely,

Scott 
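
An added example, not part of the original post: a short Python script that parses netfilter LOG lines like the one quoted above and picks out dropped packets that are return traffic, meaning they come from the backend's listening port to an ephemeral port on the logging host with ACK set. The function names, the ephemeral range and every sample line except the first are assumptions made for illustration.

```python
import re

# Default Linux ephemeral port range on 2.4/2.6 kernels (assumption; confirm
# with /proc/sys/net/ipv4/ip_local_port_range on the Apache host).
EPHEMERAL = range(32768, 61001)
TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}

def parse_log(line):
    """Return (KEY=value fields, set of bare TCP flag tokens) for a LOG line."""
    fields = dict(re.findall(r"\b([A-Z]+)=(\S*)", line))
    flags = {tok for tok in line.split() if tok in TCP_FLAGS}
    return fields, flags

def is_reply(line, backend_port):
    """True for return traffic: sent from the backend's listening port to one
    of our ephemeral ports with ACK set (SYN+ACK or a later segment)."""
    fields, flags = parse_log(line)
    if fields.get("PROTO") != "TCP" or "ACK" not in flags:
        return False
    return int(fields["SPT"]) == backend_port and int(fields["DPT"]) in EPHEMERAL

def dropped_reply_ports(lines, backend_port):
    """Sorted destination ports of dropped packets that are replies."""
    return sorted({int(parse_log(l)[0]["DPT"])
                   for l in lines if is_reply(l, backend_port)})

SAMPLE = [
    # Line from the post, with its wrapped lines joined.
    "Sep 12 11:42:51 web1 kernel: INT_IN DROP 7 IN=eth1 "
    "OUT=MAC=00:30:48:11:69:a8:00:b0:d0:e1:cc:0f:08:00 SRC=192.168.1.32 "
    "DST=192.168.1.21 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP "
    "SPT=8011 DPT=32794 WINDOW=5792 RES=0x00 ACK SYN URGP=0",
    # Constructed: a later data segment on another connection to the backend.
    "Sep 12 11:42:53 web1 kernel: INT_IN DROP 7 IN=eth1 OUT= SRC=192.168.1.32 "
    "DST=192.168.1.21 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=911 DF PROTO=TCP "
    "SPT=8011 DPT=32801 WINDOW=5792 RES=0x00 ACK PSH URGP=0",
    # Constructed: a new inbound connection attempt, which is not a reply.
    "Sep 12 11:43:02 web1 kernel: INT_IN DROP 7 IN=eth1 OUT= SRC=192.168.1.77 "
    "DST=192.168.1.21 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4321 DF PROTO=TCP "
    "SPT=40112 DPT=8011 WINDOW=5840 RES=0x00 SYN URGP=0",
]

if __name__ == "__main__":
    print(dropped_reply_ports(SAMPLE, backend_port=8011))
```

Packets this flags belong to connections the logging host itself opened from an ephemeral source port, which a connection-tracking rule such as `iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT` matches without opening the port range.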

