[Macpartners] mapping ports on http requests

Mark Klein m_klein at MIT.EDU
Tue Apr 7 16:35:10 EDT 2009 

Thanks for the directions. Unfortunately, they didn't  work for me. My  
web server listens to http://franc2.mit.edu:8000/. I set the IPFW  
rules, with the following result:

FRANC2:~ markklein$ sudo ipfw list
01000 fwd 127.0.0.1,8000 tcp from any to any dst-port 80 in
01100 allow ip from any to any dst-port 8000 in
65535 allow ip from any to any

which looks right. But when I direct my browser to http://franc2.mit.edu/ 
, i get the following error:

	Bad Request: Unknown Virtual Host
	The virtual host franc2.mit.edu on port 80 is unknown.

Any ideas? Do I need to change anything else, e.g. the firewall  
settings in the security control panel? Does the system need to be  
rebooted for changes to take effect? Why does the ipfw rule reference  
127.0.0.1? Is that the address reserved for routers? My server's ip is  
18.36.1.44.

     Thanks,

	Mark




> Hi,
>     We do this here with firewall rules under Leopard server.   
> Here's the rules that work for us (I don't believe the 2nd one is  
> necessary, but add it if you need it):
>
> fwd 127.0.0.1,8000 tcp from any to any dst-port 80 in
> allow tcp from any to any dst-port 8000
>
>     I use the GUI in Server Admin to add these rules, but you should  
> be able to add them with the ipfw command in a non-server version of  
> Leopard.
>
>     Hope this helps...
>                                                       ---SCJ
>
>
>
> On Apr 7, 2009, at 8:42 AM, Mark Klein wrote:
>
>>
>> I am running an HTTP server (cl-http) on a Mac under OS 10.5. The  
>> server listens only to port 8000, and there is apparently no easy  
>> way to change that. This means, however, that some people are  
>> unable to access my server because their firewalls block ports  
>> above 1000. So, what I'd like to do is find a way to re-direct http  
>> requests sent to port 80 on my Mac so they go to port 8000. I've  
>> heard there are several ways this can be done, including:
>>
>>  - use NATD (the Network Address Translation daemon)
>>  - use forwarding rules on my Mac's firewall
>>
>> I've tried several ways to configure this, including:
>>
>> - using ipfw from the command line
>> - using portmap (which I believe configures the network address  
>> translation)
>> - using waterroof (which can configure firewall rules, as well as  
>> the NATD)
>>
>> None have worked for me. I suspect that I'm missing some simple  
>> piece to the configuration process, but I have no idea what.
>>
>> Is there a Mac OS guru out there whom could help set up the http  
>> port mapping properly on my Mac? I would greatly appreciate it,  
>> this has held me up for several weeks.
>>
>>  Thanks very much,
>>
>> 	  Mark
>>
>> -----------------
>> Mark Klein
>> Principal Research Scientist
>> MIT Center for Collective Intelligence
>> http://cci.mit.edu/klein/
>
>
> -- 
> Scott C. Jensen
>  Asst. Director, Office of Info Services
>    MIT Corporate Relations - Industrial Liaison Program
>      Room W98-050    600 Memorial Drive   Cambridge, MA   02139
>        617/253-0441      FAX: 617/258-0796     Email: jensen at mit.edu
>

-----------------
Mark Klein
Principal Research Scientist
MIT Center for Collective Intelligence
http://cci.mit.edu/klein/

More information about the Macpartners mailing list