首先，我只是想看看它是不是在EC2控制台安全组的设置。因为我可以安装Apache的，这是由故障80端口，并能够访问Apache网站通过80端口。 但是对于Tomcat的工作原理，如果我使用8080端口（默认）或某些值大于1023（我认为这个端口）。但是当我改变的server.xml（改变8080〜80）如果我使用80端口，我成功地启动该服务无法正常工作，但没有80 / HTTP侦听。我知道这应该是一些特权问题（只有root可以开始低于1023端口的服务）。但我不知道该怎么做。

First, i just want to see it is not security group setup in ec2 console. because i can setup the apache, which is by fault 80 port, and be able to visit the apache website through 80 port. but for tomcat it works if i use port 8080(by default) or some values bigger than 1023(i think this port). but when i change server.xml(changing 8080 to 80) it cannot work if i use 80 port, i start the service successfully, but there is no 80/http listening. I know it should be some privileges issues(only the root can start service below 1023 port). but i did not know how to do it.

推荐答案

对于这个问题我个人的选择是使用的iptables 来的所有流量重定向从端口80上端口（例如8080）在Tomcat上运行。

My personal choice for this problem is to use iptables to redirect all traffic from port 80 to the upper port (e.g. 8080) the Tomcat is running on.

/sbin/iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
/sbin/iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080