-
ServerSocket / linux iptables problem
Hello all,
I am attempting to construct a firewall/packet filtering system under linux, and need it to recognise connections to a ServerSocket on a specified port. However, new ServerSockets are not assigned to a specific IP address, as they are always at a port on the local host. Linux iptables will not recognise the request however as there is no IP address.
So I was wondering......
Is there any way of creating a ServerSocket with an IP address?
thanks
-
Oops....
Sorry I just found the constructor that allows you to specify an IP address.
This is now linux iptables-specific and I apologise, but if anyone can help it would be much appreciated!
Please move to a more relevant forum if needed.
I have set up iptables to accept inputs to the localhost for packets to/from port 200 by:
iptables -A INPUT -d localhost -p tcp --dport 200 -j ACCEPT
iptables -A INPUT -d localhost -p tcp --sport 200 -j ACCEPT
The default policy is set to DROP.
My Java application attempts to create a new ServerSocket on port 200 with the following:
code:
--------------------------------------------------------------------------------
java.net.InetAddress addr = java.net.InetAddress.getLocalHost();
server = new ServerSocket(200, 0, addr);
--------------------------------------------------------------------------------
but the packet doesn't get through. Any ideas?
-
What are your output and forward default policies, and do you have any rules in the nat or filter or mangle tables which could be interfering?
Also try using a port > 1024, since iirc on unix/linux systems ports < 1024 require root privileges to bind to, though if that were the problem I would expect that you would have had an exception thrown when you tried binding to it.
-
hiya,
default policies in forward and output are set to accept, with no other rules or chains called.
I tried a higher port number (1050), but to no avail. It seems to be connecting eventually, after 3 minutes or so. The socket looks as follows:
server = ServerSocket[addr=localhost/127.0.0.1, port=0, localport=1050]
But I don't see why it should take so long.........?
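An added diagnostic example, not part of any post in this thread: it times the hostname lookup, the bind and a local connect separately, and prints the address the socket is actually bound to so it can be compared with the `-d` match in the iptables rules. The class name `BindCheck` and the 5-second timeouts are assumptions; port 1050 is the one tried in the thread.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;

// Added example (hypothetical class name): attribute a delay to name
// resolution, bind, or the TCP handshake by timing each step on its own.
public class BindCheck {
    static final int PORT = 1050;        // unprivileged port from the thread
    static final int TIMEOUT_MS = 5000;  // assumed limit so nothing blocks for minutes

    static long ms(long startNanos) {
        return (System.nanoTime() - startNanos) / 1_000_000;
    }

    public static void main(String[] args) throws IOException {
        long t = System.nanoTime();
        // getLocalHost() resolves the machine's hostname; the result may be
        // 127.0.0.1 or a LAN address depending on the resolver configuration.
        InetAddress addr = InetAddress.getLocalHost();
        System.out.println("getLocalHost -> " + addr + " in " + ms(t) + " ms");
        // A rule with "-d localhost" only matches packets sent to the address
        // that "localhost" resolves to, so a non-loopback bind would miss it.
        System.out.println("loopback address? " + addr.isLoopbackAddress());

        t = System.nanoTime();
        try (ServerSocket server = new ServerSocket(PORT, 0, addr)) {
            server.setSoTimeout(TIMEOUT_MS);
            System.out.println("bound " + server.getLocalSocketAddress()
                    + " in " + ms(t) + " ms");

            t = System.nanoTime();
            try (Socket client = new Socket()) {
                client.connect(new InetSocketAddress(addr, PORT), TIMEOUT_MS);
                try (Socket accepted = server.accept()) {
                    System.out.println("connect+accept in " + ms(t) + " ms: "
                            + accepted.getRemoteSocketAddress() + " -> "
                            + accepted.getLocalSocketAddress());
                }
            } catch (IOException e) {
                // A timeout here means the handshake packets did not get through.
                System.out.println("connect failed after " + ms(t) + " ms: " + e);
            }
        }
    }
}
```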