LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page [SOLVED] redirecting 80/tcp to 443/tcp using iptables
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-11-2010, 05:45 AM   #1
rgdacosta
Member
 
Registered: Jun 2007
Location: South Africa
Distribution: Linux Mint,Fedora, openSUSE, RHEL, SLES, Scientific Linux
Posts: 71

Rep: Reputation: 25
redirecting 80/tcp to 443/tcp using iptables

I am running apache2 with a virtualhost setup with SSL. connections to the virtual host using https works and I can access my page.

By default I want all incoming connections to the vhost on 80/tcp to be rerouted to 443/tcp.

I've used the following command to achieve the desired result:

iptables -t nat -A PREROUTING -p tcp -i eth_s0_0 --dport 80 -j DNAT --to-destination 192.168.16.200:443

When a client connects to the vhost on port 80 it shows HTTP error 400.

Why is it doing this and how do I resolve the problem?

Thanks guys

Ricardo
 
Click here to see the post LQ members have rated as the most helpful post in this thread.
Old 08-11-2010, 06:12 AM   #2
Guttorm
Senior Member
 
Registered: Dec 2003
Location: Trondheim, Norway
Distribution: Debian and Ubuntu
Posts: 1,453

Rep: Reputation: 447Reputation: 447Reputation: 447Reputation: 447Reputation: 447
Hi

Both the browser and the server will be confused by this. The browser sends a HTTP request, the server then gets an invalid HTTPS request, so it's not strange you get HTTP error 400 (bad request).

Instead, use mod_rewrite on the Apache server to force HTTPS. Something like:

RewriteCond %{SERVER_PORT}!^443$
RewriteRule ^(.*)$ https://www.domain.com/$1 [R,L]
 
2 members found this post helpful.
Old 08-11-2010, 03:12 PM   #3
rgdacosta
Member
 
Registered: Jun 2007
Location: South Africa
Distribution: Linux Mint,Fedora, openSUSE, RHEL, SLES, Scientific Linux
Posts: 71

Original Poster
Rep: Reputation: 25
I got it working using the following parameters inside the vhost config:

RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://webmail.mydomain.com

Thanks for the help!
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
slow tcp on 100mbps wan, strange tcp window behaviour on ubuntu 9.10 cputoaster Linux - Networking 2 03-10-2010 12:43 AM
slow tcp wan, strange tcp window behaviour on ubuntu 9.10 cputoaster Linux - Networking 0 03-09-2010 04:39 AM
not work: iptables -I INPUT 5 -m state --state NEW -m tcp -p tcp --dport 3306 -j DROP abefroman Linux - Security 1 07-18-2007 08:19 AM
Linux change TCP kernel Parameter for TCP DELAY ACK TICKS linux_mando Linux - Networking 5 08-22-2006 08:20 AM
Webmin On TCP port 443...but with Apache Mod_ssl installed... ech310n Linux - Networking 6 01-27-2004 04:10 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:49 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration