linux配置端口映射

在使用非root用户启动tomcat时，如果tomcat配置为80端口，会报Permission denied错误，如：

an 07, 2016 12:19:47 PM org.apache.coyote.AbstractProtocol initINFO: Initializing ProtocolHandler ["http-bio-80"]Jan 07, 2016 12:19:47 PM org.apache.coyote.AbstractProtocol initSEVERE: Failed to initialize end point associated with ProtocolHandler ["http-bio-80"]java.net.BindException: Permission denied <null>:80at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:411)at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:640)at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:434)at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119)at org.apache.catalina.connector.Connector.initInternal(Connector.java:978)at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)

在网上查询后，把tomcat改回8080端口，然后配置linux端口映射80到8080端口。

配置方式一、命令行方式。

（1）配置映射

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

（2）保存配置。如果不保存，重启后此映射将失效

service iptables save

配置方式二、修改/etc/sysconfig/iptables文件，修改后要执行 service iptables restart重启防火墙。配置如：

# Generated by iptables-save v1.4.7 on Thu Jan  7 12:37:28 2016*nat:PREROUTING ACCEPT [687:71239]:POSTROUTING ACCEPT [2:124]:OUTPUT ACCEPT [2:124]-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080COMMIT# Completed on Thu Jan  7 12:37:28 2016# Generated by iptables-save v1.4.7 on Thu Jan  7 12:37:28 2016*filter:INPUT ACCEPT [0:0]:FORWARD ACCEPT [0:0]:OUTPUT ACCEPT [145:11884]-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT-A INPUT -p icmp -j ACCEPT-A INPUT -i lo -j ACCEPT-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT-A INPUT -j REJECT --reject-with icmp-host-prohibited