Access RMI Port from remote using iptables

Developer https://www.devze.com 2023-02-28 22:45 Source: Internet
I want to access an RMI-Service from a remote Server. Locally everything works fine. But from the remote side I get the following exception:

java.net.ConnectException: Connection timed out

I used iptables so that the server believes the request comes to 127.0.0.1 and not to the public IP address xx.yy.zz

iptables -t nat -A PREROUTING -p tcp -d xx.yy.zz --dport 1099 -j DNAT --to-destination 127.0.0.1:1099

The server is started with "-Djava.rmi.server.hostname=127.0.0.1" as JVM-Argument.

Regards, Markus


For me this looks like misuse of iptables. Do the following:

  1. Make sure your application binds to the public address. For example by removing "-Djava.rmi.server.hostname=127.0.0.1".
  2. If you still can't reach your app, add a firewall rule to iptables, something like:
    iptables -A INPUT -p tcp --dport 1099 -j ACCEPT


I suspect the DNAT only changes the destination of the packet, rather than the source. Wouldn't it make a lot more sense to make the RMI server accept packets from a trusted LAN or VPN, instead of trying to rewrite the packets using iptables?
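
The suggestion above to accept RMI traffic only from a trusted LAN or VPN, sketched as an added example that is not part of the original thread: the function prints source-restricted rules for review instead of the blanket ACCEPT on port 1099. The range 10.8.0.0/24 and the second port 40000 (an assumed fixed port for the exported remote object) are constructed sample values, and rmi_rules is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: print iptables rules that expose RMI ports only to a
# trusted source range. Nothing is applied; review the output first.

# valid_cidr ADDR/PREFIX: succeeds for a well-formed IPv4 range.
# A /0 prefix is rejected because it would match every source.
valid_cidr() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([1-9]|[12][0-9]|3[0-2])$' || return 1
    ip=${1%/*}
    old_ifs=$IFS; IFS=.
    set -- $ip                      # split the address into its four octets
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# valid_port N: succeeds for an integer in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# rmi_rules TRUSTED_CIDR [PORT...]: defaults to the registry port 1099.
# All arguments are validated before any rule is printed.
rmi_rules() {
    cidr=$1; shift
    valid_cidr "$cidr" || { echo "invalid source range: $cidr" >&2; return 1; }
    [ "$#" -gt 0 ] || set -- 1099
    for port in "$@"; do
        valid_port "$port" || { echo "invalid port: $port" >&2; return 1; }
    done
    for port in "$@"; do
        # Allow the trusted range, then drop every other source on this port.
        echo "iptables -A INPUT -p tcp -s $cidr --dport $port -j ACCEPT"
        echo "iptables -A INPUT -p tcp --dport $port -j DROP"
    done
}

# Constructed sample call: VPN range, registry port, assumed export port.
rmi_rules 10.8.0.0/24 1099 40000
```

Because -A appends, an earlier unrestricted ACCEPT for the same port in the INPUT chain would still match first and has to be removed for the DROP to take effect.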
