Incorrect RTR default port

[waehlisch]

The current RTR default port is 9178 but should be 323 (see https://tools.ietf.org/html/rfc6810#section-7)

rpki-validator-3/rpki-rtr-server/src/main/java/net/ripe/rpki/rtr/RtrServer.java

Line 64 in dc39e41

public static final int DEFAULT_RTR_PORT = 9178;

[timbru]

First of all: this port is overridden in the "application.properties" file. It defaults to 8323 there.

If you want to use 323 you have a number of options, also highlighted here:
https://blogs.oracle.com/sduloutr/binding-a-server-to-privileged-port-on-linux-wo-running-as-root

• Change "rtr.port" to 323 and run as root (not advised)
• Use "setcap" and allow java to bind to port 323 (the validator does not have its own process).
• Use "iptables"

The latter seems easiest to me as it is explicit and does not involve changing default security settings. You can use the following commands to make this work on Linux:

sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 323 -j REDIRECT --to-port 8323
iptables-save > /etc/sysconfig/iptables

It might be possible start the java process as root, bind to port 323 and then drop privileges, as @waehlisch suggested here. However, that seems quite complicated.

In my view we are better of documenting the options properly (hint taken), and possibly including the "iptables" option as default in the RPM and Docker (still under construction at the time of this writing)