Layer7 80 and 443 forwarding issue
Article ID: 212389
Updated On:
Products
Issue/Introduction
On Gateway 10 in order to allow traffic on lower ports on the Layer7, such as 443 and 80, that there must be a manage Firewall rule set that redirects traffic from low port such as 80 to an high port such as 8080. However this doesn't seem to work when I test on the localhost via curl?
For example,
# curl http://localhost/echo --insecure
Also note when doing this on the localhost even if you specify hostname or ip, all seem to go through the loopback.
And you see error,
curl: (7) Failed connect to localhost:80; Connection refused
Environment
Release : 10.0
Component : API GATEWAY
Resolution
Once setup in the manage firewall rules of policy manager. You can curl via external hosts (or internet browser)
Internal host (itself) does not work until you change this for loopback.
You can use iptables rules;
To allow curl,
# iptables -t nat -A OUTPUT -p tcp -o lo --dport 80 -j REDIRECT --to-port 9080
To save it as persistent so its not lost at restart,
# service iptables save
Feedback
