[Macpartners] mapping ports on http requests

Scott C. Jensen jensen at ilp.mit.edu
Tue Apr 7 17:59:30 EDT 2009 

On Apr 7, 2009, at 4:35 PM, Mark Klein wrote:

>
> Thanks for the directions. Unfortunately, they didn't  work for me.  
> My web server listens to http://franc2.mit.edu:8000/. I set the IPFW  
> rules, with the following result:
>
> FRANC2:~ markklein$ sudo ipfw list
> 01000 fwd 127.0.0.1,8000 tcp from any to any dst-port 80 in
> 01100 allow ip from any to any dst-port 8000 in
> 65535 allow ip from any to any
>
> which looks right. But when I direct my browser to http://franc2.mit.edu/ 
> , i get the following error:
>
> 	Bad Request: Unknown Virtual Host
> 	The virtual host franc2.mit.edu on port 80 is unknown.
>
> Any ideas? Do I need to change anything else, e.g. the firewall  
> settings in the security control panel? Does the system need to be  
> rebooted for changes to take effect? Why does the ipfw rule  
> reference 127.0.0.1? Is that the address reserved for routers? My  
> server's ip is 18.36.1.44.

Hi,
     I looked on an older OSX box (client, not server) on which we're  
running a web-served database, and it has the same ipfw rule on it.  I  
also found the utility I originally used to generate the rule - It's a  
small app called Simple Port Forwarder, and it's used just for solving  
this problem.  I've included it with this msg, as well as a pic of how  
it's set on our machine (we use port 8080 instead of 8000, but  
everything else should be the same).  There's more info in its readme  
which may help you.

     Regarding your questions - I don't believe anything else needs to  
change in the security syspref (The firewall has to be on, of  
course).  The system shouldn't need to be rebooted, and doing so may  
even cause you some headaches - check the readme for more info.  The  
rule references IP address 127.0.0.1 because that's the localhost  
address on that machine - packets sent to it will always go to your  
local machine.  You can try using 18.36.1.44 instead, but remember to  
change the rule if you ever have to change that IP address.

     I hope this works for you - let me know how it goes...

                                                         ---SCJ




>   Thanks,
>
> 	Mark
>
>


-- 
Scott C. Jensen
  Asst. Director, Office of Info Services
    MIT Corporate Relations - Industrial Liaison Program
      Room W98-050    600 Memorial Drive   Cambridge, MA   02139
        617/253-0441      FAX: 617/258-0796     Email: jensen at mit.edu


-------------- next part --------------
A non-text attachment was scrubbed...
Name: pastedGraphic.png
Type: image/png
Size: 121608 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/macpartners/attachments/20090407/128f533d/attachment.png
-------------- next part --------------




-------------- next part --------------
A non-text attachment was scrubbed...
Name: SPF_1.2.dmg
Type: application/octet-stream
Size: 208299 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/macpartners/attachments/20090407/128f533d/attachment.obj

More information about the Macpartners mailing list