Right, and that was my initial approach, but it seemed to have the effect of blocking traffic to port 80.
As I've said, I'm not seeing it as a real problem, but rather just letting people know that it is an ugliness associated with this (NAT) approach. On Sat, 2007-04-07 at 12:26 -0400, Mark Diggory wrote: > On Apr 7, 2007, at 12:08 PM, Mark H. Wood wrote: > > > On Fri, Apr 06, 2007 at 12:07:44PM -0400, Cory Snavely wrote: > >> For folks listening in with interest, we also use NAT port > >> forwarding to > >> get around the requirement for mod_jk, but FWIW I haven't > >> determined a > >> way to close the incoming *actual* Tomcat ports (8080/8443). > > > > Just don't open them. In [tomcat]conf/server.xml comment out the > > Connector with 'port="8080"' and leave commented the one with > > 'port="8443"'. You should then only be running AJP 1.3 on 8009 and > > the shutdown port on localhost:8005. If you want to limit AJP to the > > local host, you can add 'address="127.0.0.1"' to the AJP Connector. > > > > -- > > Mark H. Wood, Lead System Programmer [EMAIL PROTECTED] > > Typically when a software vendor says that a product is "intuitive" he > > means the exact opposite. > > MarkW, > > This would only be the case if they were using mod_jk/Apache. but, > they are trying to use NAT/port forwarding and this means those > Tomcat ports are what are getting forwarded to. I'd say the quickest > solution is to just block those ports from external requests in the > NAT/firewall configuration. > > -Mark Diggory > > ~~~~~~~~~~~~~ > Mark R. Diggory - DSpace Systems Manager > MIT Libraries, Systems and Technology Services > Massachusetts Institute of Technology > > > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys-and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > DSpace-tech mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/dspace-tech ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ DSpace-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-tech
