hello fellow linode users,

I just setup my tomcat to run on port 8080, but to forward all incoming requests on port 80 to 8080.
I configured iptables to ignore all connections except 80 & ssh and and configured prerouting too. so far so good. Now when I add tell iptables to ignore all incoming connections (at the end of the configuration). port 80 and 8080 everything stops working.

#Clear all earlier configurations
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X
iptables -t nat -X
iptables -t mangle -X

#enable loopback
iptables -A INPUT -i lo -j ACCEPT
#enable already established connections
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
#enable ssh
iptables -A INPUT -p tcp --dport ssh -j ACCEPT
#enable port 80
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
#PREROUTING from 80 to 8080
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

Everything is ok so far and works as expected
After adding below line everything stops working
iptables -A INPUT -j DROP

Any help is appreciated.

cheers

This isn't the issue, but wherever you copied this from (or read while making it) is out of date. I believe connstate is deprecated, if not removed.

You want:

iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

If you're unfamiliar with iptables, I'd consider something like Shorewall as it writes rules that you wouldn't think of (and you've neglected here, like state INVALID).