As part of a pilot project, I am attempting to set-up a thin client environment for a team of developers using NoMachine. Each developer will login to the same Linux box and do development via an X session. Currently, each developer runs their own HTTP daemon on their local workstation that listens on 127.0.0.1:5000. However, if I move everyone onto the same machine this obviously creates a problem with port conflicts.
Ideally, I'd like to keep their workflow the same. If I have to assign everyone a unique port, it's just going to create a lot of grief and confusion. Is there a way to do this? Can different processes bind to the same port on a per-user basis? I discovered a way to use iptables to do port redirection on a per-user basis, but this only solves part the problem:
iptables -t nat -I OUTPUT --src 0/0 --dst 127.0.0.1 -p tcp --dport 5000 -m owner --uid-owner userA -j REDIRECT --to-ports 5001
This solution still doesn't allow different processes to bind to the same port. And I'm not even sure that I'm on the right track here by looking for an iptables solution. Any suggestions? Is there maybe a hack that be applied in userland? Thanks!
Best Answer
They can't bind to the same port.
Bind each process to its own port, and then dispatch INPUT port 5000 to 5001, 5002, 5003 depending on your conditions.