Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 4174417624 for ; Tue, 28 Oct 2014 13:57:29 +0000 (UTC) Received: (qmail 26129 invoked by uid 500); 28 Oct 2014 13:57:25 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 26065 invoked by uid 500); 28 Oct 2014 13:57:25 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 26054 invoked by uid 99); 28 Oct 2014 13:57:25 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 28 Oct 2014 13:57:25 +0000 X-ASF-Spam-Status: No, hits=0.9 required=5.0 tests=FREEMAIL_ENVFROM_END_DIGIT,SPF_HELO_PASS,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (nike.apache.org: local policy) Received: from [162.253.133.43] (HELO mwork.nabble.com) (162.253.133.43) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 28 Oct 2014 13:56:58 +0000 Received: from malf.nabble.com (unknown [162.253.133.59]) by mwork.nabble.com (Postfix) with ESMTP id 7E9128A33C0 for ; Tue, 28 Oct 2014 06:55:26 -0700 (PDT) Date: Tue, 28 Oct 2014 06:55:25 -0700 (PDT) From: =?UTF-8?Q?L=C3=A9a_Massiot?= To: users@tomcat.apache.org Message-ID: <1414504525946-5024571.post@n6.nabble.com> In-Reply-To: <544F80D3.2080305@christopherschultz.net> References: <1414339442168-5024482.post@n6.nabble.com> <1414432050055-5024501.post@n6.nabble.com> <1414437559304-5024506.post@n6.nabble.com> <544F80D3.2080305@christopherschultz.net> Subject: Re: HTTPS / URLs with no port number / Tomcat only MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Christopher Schultz-2 wrote > A bit of warning: when modifying iptables, you need to be very careful > that you don't wipe-out any rules that allow you to gain remote access > to the server. For instance, if you have a default rule to DROP all > packets and an exception that allows port 22 (ssh) traffic, then > flushing all the rules in a table can make it impossible for you to > revert the change without remote-rebooting (or, worse yet, paying > someone to walk into the cage and push the reset button). Yes right, fortunately I wasn't working on a remote machine. On Debian Wheezy, the following set of commands actually disables the firewall: ------------------------------------------------------- iptables -F iptables -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F iptables -t mangle -X iptables -P INPUT ACCEPT iptables -P OUTPUT ACCEPT iptables -P FORWARD ACCEPT ------------------------------------------------------- Best regards. -- View this message in context: http://tomcat.10.x6.nabble.com/HTTPS-URLs-with-no-port-number-Tomcat-only-tp5024482p5024571.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org