在使用非root用户启动tomcat时,如果tomcat配置为80端口,会报Permission denied错误,如:
an 07, 2016 12:19:47 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-80"]
Jan 07, 2016 12:19:47 PM org.apache.coyote.AbstractProtocol init
SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-bio-80"
]
java.net.BindException: Permission denied <null>:80
at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:411)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:640
)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:434)
at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11Jss
eProtocol.java:119)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:978)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java
:559)
在网上查询后,把tomcat改回8080端口,然后配置linux端口映射80到8080端口。
配置方式一、命令行方式。
(1)配置映射
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
(2)保存配置。如果不保存,重启后此映射将失效
service iptables save
配置方式二、修改 /etc/sysconfig/iptables文件,修改后要执行 service iptables restart重启防火墙。配置如:
# Generated by iptables-save v1.4.7 on Thu Jan 7 12:37:28 2016
*nat
:PREROUTING ACCEPT [687:71239]
:POSTROUTING ACCEPT [2:124]
:OUTPUT ACCEPT [2:124]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
COMMIT
# Completed on Thu Jan 7 12:37:28 2016
# Generated by iptables-save v1.4.7 on Thu Jan 7 12:37:28 2016
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [145:11884]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited