Installing the eG Manager on Privileged Ports

On Unix, all ports below 1024 are privileged ports. Only the superuser, or a user authorized to access such a port, can bind to them. To have the eG manager listen on a privileged port, follow the procedure below.

On Linux systems, follow the steps below:

  1. Install the eG manager on a port higher than 1024 – e.g., 7077.
  2. Use the iptables command to set up redirection from a privileged port to the port that the eG manager is using. For example, suppose you have installed the eG manager on port 7077 with SSL support and you would like the manager to listen on port 443; then, do the following:

    • Start the Manager on port 7077 using the start_manager command.
    • Execute the iptables commands below on the Linux system hosting the eG manager. These commands should be executed from a super-user account.

      iptables -t nat -A OUTPUT -d <IP/HostName of the eG Manager> -p tcp --dport 443 -j REDIRECT --to-ports 7077

      iptables -t nat -A PREROUTING -d <IP/HostName of the eG Manager> -p tcp --dport 443 -j REDIRECT --to-ports 7077

    • Once these commands are executed, the eG manager will be accessible on port 443 as well.
  3. Entries configured using iptables are lost when the eG manager system reboots. To save the iptables configuration, do the following:

    • Run the following command as the root user:

      /sbin/iptables-save > /opt/egurkha/iptables.fw

    • Edit the file /etc/rc.local and append the following line to it:

      /sbin/iptables-restore < /opt/egurkha/iptables.fw

Now, even if the eG manager system is rebooted, the iptables configuration is restored.
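Because the restore at boot replays whatever is in the saved file, it is worth confirming that the file really holds both nat redirects from step 2 before relying on it. The script below is an added example, not part of the eG documentation: the function names has_redirect and check_saved_rules are hypothetical, and the embedded dump is a constructed sample using the documentation address 192.0.2.10.

```shell
#!/bin/sh
# has_redirect FILE CHAIN DPORT TOPORT
# Returns 0 if the *nat section of an iptables-save dump appends a tcp
# REDIRECT rule from DPORT to TOPORT on CHAIN.
has_redirect() {
    awk -v chain="$2" -v dport="$3" -v toport="$4" '
        /^\*/ { table = substr($0, 2) }   # section header: *nat, *filter, ...
        table == "nat" && $1 == "-A" && $2 == chain {
            line = " " $0 " "             # pad so every option is space-delimited
            if (index(line, " -p tcp ") &&
                index(line, " --dport " dport " ") &&
                index(line, " -j REDIRECT ") &&
                index(line, " --to-ports " toport " "))
                found = 1
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# check_saved_rules FILE DPORT TOPORT
# Both OUTPUT and PREROUTING must carry the redirect, as in step 2.
check_saved_rules() {
    missing=""
    for chain in OUTPUT PREROUTING; do
        has_redirect "$1" "$chain" "$2" "$3" || missing="$missing $chain"
    done
    [ -z "$missing" ] && return 0
    echo "missing redirect $2 -> $3 in nat chain(s):$missing" >&2
    return 1
}

# Constructed sample of an iptables-save dump (not taken from a real host).
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -d 192.0.2.10/32 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 7077
-A OUTPUT -d 192.0.2.10/32 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 7077
COMMIT
*filter
:INPUT ACCEPT [0:0]
COMMIT
EOF

check_saved_rules "$SAMPLE" 443 7077 && echo "saved ruleset carries both redirects"
```

On the manager host, the same check is run against the real file after iptables-save, as check_saved_rules /opt/egurkha/iptables.fw 443 7077.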