Table of Contents

Windows 10 instructions to make your GS3 tomcat web server public

Follow these instructions only for briefly testing a public GS3 tomcat, such as for the Validating the Greenstone OAI server section of the tutorial Setting up your Greenstone OAI Server, as I'm not sure the following method is robust against potential security threats.

Instructions

1. Obtaining your PC's public IP and LAN/private IP:

a. Work out your PC's private LAN (local area network) IP by starting up a DOS/command prompt and then typing:

ipconfig /all

Under the "Ethernet adapter Ethernet" or equivalent section of the results displayed, note down the value for the IPv4 address field:

	Ethernet adapter Ethernet:

	   Connection-specific DNS Suffix  . : ???
	   IPv6 Address. . . . . . . . . . . : ????????
	   Temporary IPv6 Address. . . . . . : ????????
	   Temporary IPv6 Address. . . . . . : ????????
	   Link-local IPv6 Address . . . . . : ????????
	   IPv4 Address. . . . . . . . . . . : ###.###.#.### <<-- This is your PC's private/LAN IP, note it down
	   Subnet Mask . . . . . . . . . . . : ????????
	   Default Gateway . . . . . . . . . : ????????
						   192.168.1.1

b. Work out public IP by visiting http://ip4.me/ or https://www.whatismyip.com/
It will list your public IPv4 address. Make a note of this also.

2. Configure Windows Defender FireWall to make the port accessible:

a. Go to Control Panel > System and Security > Windows Firewall > Advanced Settings.

b. Rightclick on Inbound Rules > New Rule.
Then: Port > Next. Set to TCP and Specific local ports: 8383 > Next.
Tick Allow the Connection > Next.
Leave all 3 of Domain, Private, Public ticked. (Since I don't know which is applicable)
Set Name: GS3 > Finish.

c. Repeat step 2 for Outbound Rules.
One or both of 2a and b are necessary, not sure which.

(Because I don't know whether outbound http responses from GS3's tomcat webserver for incoming requests need to have a port exception rule set up too.)

d. Now you should see the running GS3 tomcat at http://<private-LAN-IP>:8383.*

We need to make this visible over the public IP, which is accomplished by 'Port forwarding'.

* If not, check your tomcat server is running. Next, check it is listening on port 8383 by typing the following into a DOS prompt:

netstat -an | find "8383"

The output should display 'LISTENING' for port 8383.

3. Set up port forwarding on your router to map to privateIP:port to public IP:port:

Login to your router (a local URL/IP that may look like 192.168.1.1 or similar digits) and set up port forwarding from the private port 8383 on private LAN IP to public port 8383.

On some router configuration pages, you may need to remember to apply the configuration changes by pressing an Apply button or link.

If you don't know how to work with your local home/work router, google a manual for your router's make online and search for port forwarding instructions for it.

4. Stop your Greenstone 3 server.
Edit your Greenstone's top level build.properties file and set its tomcat.server property to the public IP.
Restart the Greenstone 3 web server.
Now the GS3 tomcat web server should be visible at http://<public-ip>:8383/

5. Once you've finished testing your GS3's tomcat web server's works correctly when public, remember to undo the Firewall and port forwarding changes, and remember to return the build.properties file's tomcat.server property back to localhost, to make the web server private once more.