Reputation: 47
Access RMI Port from remote using iptables
I want to access an RMI-Service from a remote Server. Locally everything works fine. But from the remote side i get the following exception:
java.net.ConnectException: Connection timed out
I used IP-Tables, that the server believes the request comes to 127.0.0.1 and not to the public ip address xx.yy.zz
iptables -t nat -A PREROUTING -p tcp -d xx.yy.zz --dport 1099 -j DNAT --to-destination 127.0.0.1:1099
The server is started with "-Djava.rmi.server.hostname=127.0.0.1" as JVM-Argument.
Regards, Markus
Upvotes: 2
Views: 2616
Answers (2)
Reputation: 128
For me this looks like misuse of iptables. Do the following:
- Make sure your application binds to the public address. For example by removing "-Djava.rmi.server.hostname=127.0.0.1".
- If you still can't reach your app. Add a firewall rule to iptables something like:
$iptables -A INPUT -p tcp --dport 1099 -j ACCEPT
Upvotes: 1
Reputation: 33073
I suspect the DNAT only changes the destination of the packet, rather than the source. Wouldn't it make a lot more sense to make the RMI server accept packets from a trusted LAN or VPN, instead of trying to rewrite the packets using iptables?
Upvotes: 0
Related Questions
- What port is used by Java RMI connection?
- Java RMI client and remote server Connection Refused to localhost
- Java RMI for remote ip (host)
- Accessing RMI Server
- Java RMI - specifying the port to use for communication
- Java RMI cannot connect to host from external client
- RMI server behind NAT Connection refused to host
- Trouble connecting to an RMI server which is behind a router
- Connecting to an RMI server that sits behind a firewall?
- How can I open a port in iptables for RMI access