Article Content
Article Number | 000028882 |
Applies To | Affected Versions: All Versions |
Resolution | To allow http access to ACM, follow these steps: 1.Login into the ACM as “root” user 2.Open file, /etc/sysconfig/iptables 3.Add the following lines in the same location as shown below: -A PREROUTING -i bond0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8445 -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8445 -j ACCEPT A sample iptable would look like following. Please add the above lines in the same location as mentioned: :PREROUTING ACCEPT [4:1504] :POSTROUTING ACCEPT [7:514] :OUTPUT ACCEPT [7:514] -A PREROUTING -i bond0 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443 -A PREROUTING -i bond0 -p tcp -m tcp --dport 444 -j REDIRECT --to-ports 8444 -A PREROUTING -i bond0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8445 COMMIT # Completed on Fri Aug 25 13:37:25 2006 # Generated by iptables-save v1.2.11 on Fri Aug 25 13:37:25 2006 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [126:17631] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8443 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8444 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8445 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1555 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1158 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited 4. Re-start iptables as “root” user. Execute service iptables restart |