Linux is kinda fun...

You're on a Linux box.  You want to set up an unprivileged user (yourself, maybe) to be able to run on port 80... how do you do it?  There's actually quite a few ways, some that use permissions in security-focused versions of linux, some that have root run the process then shed privileges (the traditional way).  There's also a neat little hack where you just tell the firewall to forward port 80 to port 8080 and trust that your users will only ever run good and happy programs on 8080 :) .

I've mucked about with FreeBSD firewalls before, but this was the first time I'd tried playing with Linux iptables... it's kinda neat, there's a live command "iptables" that lets you modify the current configuration, test, and make sure you haven't screwed up.  When you have what you want, you can save out the results with iptables-save and install the resulting saved configuration into your init script (which uses iptables-restore on the result).

Have the server mostly set up for the little feedback system now.  Still need to get it a domain name, probably just set it up as a sub-domain for now and put buying a real one and a certificate on the todo list.  For now, however, should get back to trying to make money.


  1. Jason R. Coombs

    Jason R. Coombs on 01/27/2010 12:28 p.m. #

    In case you weren't aware - StartCom ( is a great place to get free, trusted certificates.

  2. Tobu

    Tobu on 01/27/2010 3:17 p.m. #

    What kind of spam is that ^^

    I like socat for this stuff (also my netfilter-fu is weak).

    socat TCP-LISTEN:80,fork TCP:localhost:8080

Comments are closed.


Pingbacks are closed.