🐧 Linux - Listen to Ports Below 1024
Updated at 2015-07-25 16:16
Most operating systems block listening to ports below 1024 for users that are not root. This makes hosting a website as a non-root user a bit troublesome.
But you can host the server on a port above 1024 and then, as root, redirect a port below 1024 to it:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443
iptables -t nat -n -L PREROUTING # list the routings
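# To remove routings (rules are renumbered after each delete, so list them again before removing the next one)...
iptables -t nat -D PREROUTING 1 # removes the top one
iptables -t nat -D PREROUTING 2 # removes the second one in the current listing, etc.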
These rules are removed on reboot. To apply them on reboot:
Fedora and Amazon Linux:
service iptables save
Ubuntu:
# Save the rules to a file
iptables-save > /etc/iptables-webserver.conf
# Create startup script
touch /etc/network/if-up.d/iptables
# Put the following two lines in /etc/network/if-up.d/iptables:
#!/bin/sh
iptables-restore < /etc/iptables-webserver.conf
# Allow executing the file
chmod +x /etc/network/if-up.d/iptables
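
A check that the saved rules still contain the expected redirects before `iptables-restore` loads them at boot, as an added example that is not part of the original page. The function names and the sample rule text are constructed for illustration; the OUTPUT rule in the sample is there to show that only the nat PREROUTING chain is inspected.

```shell
#!/bin/sh
# Added example: audit iptables-save text for the port redirects.

# Constructed sample in iptables-save format, not captured from a real host.
sample_rules() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
-A OUTPUT -p tcp -m tcp --dport 25 -j REDIRECT --to-ports 2525
COMMIT
*filter
:INPUT ACCEPT [0:0]
COMMIT
EOF
}

# redirect_target PORT: read iptables-save text on stdin, print the --to-ports
# of the nat PREROUTING REDIRECT rule for TCP dport PORT; status 1 if none.
redirect_target() {
    awk -v port="$1" '
        /^\*/ { table = $1 }    # "*nat", "*filter": start of a table
        table == "*nat" && $1 == "-A" && $2 == "PREROUTING" {
            proto = ""; dport = ""; jump = ""; to = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p")         proto = $(i + 1)
                if ($i == "--dport")    dport = $(i + 1)
                if ($i == "-j")         jump  = $(i + 1)
                if ($i == "--to-ports") to    = $(i + 1)
            }
            if (proto == "tcp" && dport == port && jump == "REDIRECT") { print to; found = 1; exit }
        }
        END { exit (found ? 0 : 1) }
    '
}

# check_redirect PORT WANT: succeed only if PORT is redirected to WANT and
# WANT is an unprivileged port, so the server behind it does not need root.
check_redirect() {
    got=$(redirect_target "$1") || { echo "port $1: no redirect"; return 1; }
    [ "$got" = "$2" ] || { echo "port $1: goes to $got, not $2"; return 1; }
    [ "$got" -ge 1024 ] || { echo "port $1: target $got is privileged"; return 1; }
    echo "port $1 -> $got ok"
}

sample_rules | check_redirect 80 8080
sample_rules | check_redirect 443 8443
```

On a host, feed it the saved file instead of the sample, for example `check_redirect 80 8080 < /etc/iptables-webserver.conf`, or pipe in the output of `iptables-save -t nat` run as root.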