Redirect ports

If you have performed an ARIS installation on a Linux operating system the internal ARIS user running all runnables has no root privileges. So all privileged ports (<1024) cannot be used. To run ARIS under a privileged port a user with root privileges must redirect the ports, for example, the HTTP port 80 or the HTTPS port 443.

Procedure

  1. Start ARIS Cloud Controller (ACC). Relative to your Linux system you need to redirect different ports one after another.
  2. To redirect ports to be accessed from external clients enter the commands using the following syntax:

    iptables -t nat -A PREROUTING -i <network interface> -p tcp --dport <port number to redirect> -j REDIRECT --to-ports <port number>

    This example redirects port 80 to port 1080:

    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 1080

  3. To redirect ports to be accessed from internal web browsers enter the commands using the following syntax:

    iptables -t nat -A OUTPUT -p tcp -d <server IP address>/<bit number netmask> --dport <port number to redirect> -j REDIRECT --to-port <port number>

    This example redirects port 80 to port 1080 using 127.0.0.1 for localhost and /8 using netmask 255.255.255.0:

    iptables -t nat -A OUTPUT -p tcp -d 127.0.0.0/8 --dport 80 -j REDIRECT --to-port 1080

    In order to use personal computer names too please enter this command again using the IP address of the personal computer, for example:

    iptables -t nat -A OUTPUT -p tcp -d 10.128.33.176/8 --dport 80 -j REDIRECT --to-port 1080

  4. Redirect other ports, for example, port 443.
  5. Enter startall.

ARIS runnables run using the redirected ports.

If runnables do not start up properly, resolve possible port conflicts.