Redirecionar o servidor web da porta 5000 para a porta 80 no host local (Fedora, firewall-cmd)

1

No Fedora 24, um servidor web (Node.js) está rodando (independente, sem apache / nginx) na porta 5000. link funciona

Como torná-lo acessível na porta 80?

Tentei isso

systemctl restart firewalld
firewall-cmd --add-service=http --permanent
firewall-cmd --add-masquerade --permanent
firewall-cmd --add-forward-port=port=80:proto=tcp:toport=5000 
firewall-cmd --list-all
FedoraWorkstation (active)
  target: default
  icmp-block-inversion: no
  interfaces: wlp3s0
  sources: 
  services: mdns ssh dhcpv6-client samba-client https http
  ports: 1025-65535/tcp 1025-65535/udp
  protocols: 
  masquerade: yes
  forward-ports: port=80:proto=tcp:toport=5000:toaddr=
  source-ports: 
  icmp-blocks: 
  rich rules: 

Informações adicionais Tentei todos os itens acima com --zone = externo também

Executando o nó como root na porta 80 funciona. Note que não há IPv4:

netstat -tpln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      1/systemd           
tcp        0      0 0.0.0.0:4433            0.0.0.0:*               LISTEN      3977/deluge-gtk     
tcp        0      0 0.0.0.0:51157           0.0.0.0:*               LISTEN      3977/deluge-gtk     
tcp        0      0 0.0.0.0:5432            0.0.0.0:*               LISTEN      900/postgres        
tcp        0      0 0.0.0.0:17500           0.0.0.0:*               LISTEN      3203/dropbox        
tcp        0      0 127.0.0.1:17600         0.0.0.0:*               LISTEN      3203/dropbox        
tcp        0      0 127.0.0.1:17603         0.0.0.0:*               LISTEN      3203/dropbox        
tcp6       0      0 :::111                  :::*                    LISTEN      1/systemd           
tcp6       0      0 :::4433                 :::*                    LISTEN      3977/deluge-gtk     
tcp6       0      0 :::51157                :::*                    LISTEN      3977/deluge-gtk     
tcp6       0      0 :::5432                 :::*                    LISTEN      900/postgres        
tcp6       0      0 :::17500                :::*                    LISTEN      3203/dropbox        
tcp6       0      0 :::34017                :::*                    LISTEN      10532/code          
tcp6       0      0 :::5858                 :::*                    LISTEN      30394/node          
tcp6       0      0 :::5000                 :::*                    LISTEN      30394/node     
    
por Marius Andreiana 11.05.2017 / 08:06

1 resposta

0

firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=https --permanent
firewall-cmd --add-masquerade --permanent
firewall-cmd --add-forward-port=port=80:proto=tcp:toport=5000 --permanent

#make port forwarding work on localhost
iptables -t nat -I OUTPUT --source 127.0.0.1 --destination 127.0.0.1 -p tcp --dport 80 -j REDIRECT --to-ports 5000
    
por 11.05.2017 / 08:18