Vagrant won't forward ONLY port 80

Question 1

I don't think you can forward to host ports < 1024, unless VirtualBox is run as root on the host.

The VirtualBox Manual says this about NAT mode limitation:

Forwarding host ports < 1024 impossible:

On Unix-based hosts (e.g. Linux, Solaris, Mac OS X) it is not possible to bind to ports below 1024 from applications that are not run by root. As a result, if you try to configure such a port forwarding, the VM will refuse to start.

These limitations normally don't affect standard network use. But the presence of NAT has subtle effects that may interfere with protocols which normally work. One example is NFS, where the server is often configured to refuse connections from non-privileged ports (i.e. ports below 1024).

Question 2

Terry's answer correctly diagnosed the problem. Here's my solution:

Instead of running VirtualBox as root, port forward twice. Set up vagrant to forward host: 8080 to guest: 80. Combine that with some port forwarding rules on the host machine (using the ipfw utility) so that 80 goes to 8080 on the host machine. Then 8080 will get sent back to 80 on the guest machine.

Seems convoluted but this article describes the setup more clearly http://www.dmuth.org/node/1404/web-development-port-80-and-443-vagrant

Question 3

An alternative to using ipfw, which I did not have installed on my machine (Arch Linux), is SSH.

If you are running the webserver on port 80 on the guest then you can run a port forward in the background using SSH.

sudo ssh -p 2222 -gNfL 80:localhost:80 vagrant@localhost -i ~/.vagrant.d/insecure_private_key

Question 4

UPDATE:

ipfw has been deprecated as of OS X Mavericks. You should be using pfctl instead. I wrote an article which goes into detail on how to accomplish this here:

http://salvatore.garbesi.com/vagrant-port-forwarding-on-mac/

~~On Mac OS X via Terminal:~~

~~sudo ipfw add 100 fwd 127.0.0.1,8080 tcp from any to me 80 in~~

~~This will redirect all incoming traffic on 127.0.0.1:80 to 127.0.0.1:8080~~

Question 5

You can use a bridge adapter and then point to the local ip address instead of using localhost. Since this can vary according to the host (like local ip address in use and so on) I'll put everything into an external config.yml file.

# ...

require 'yaml'

current_dir    = File.dirname(File.expand_path(__FILE__))
configs        = YAML.load_file("#{current_dir}/config.yml")
vagrant_config = configs['config'][configs['config']['use']]

VAGRANTFILE_API_VERSION = "2"

Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|

# http://docs.vagrantup.com/v2/virtualbox/networking.html
config.vm.network vagrant_config['vm']['network_type'],
    ip: vagrant_config['vm']['network_ip'],
    bridge: vagrant_config['vm']['network_bridge'],
    virtualbox__intnet: vagrant_config['vm']['network_intnet']
config.vm.network "forwarded_port", 
    guest: 80, 
    host: vagrant_config['http_server']['host_port']

# ...

Follows the config.yml file:

config:
    use: "public"
    private: # this is the old configuration that doesn't let you forward on port 80
    vb:
        cpus: 2
        memory: 4096
    vm:
        network_type: "private_network"
        network_ip: "192.168.33.10"
        network_intnet: true
        network_bridge: ""
        synced_folder: "/home/francesco/whatever/vagrant-synced-folder"
    http_server:
        host_port: 8080
    public: # here follows the new bridged configuration that let you use port 80!
    vb:
        cpus: 2
        memory: 4096
    vm:
        network_type: "public_network"
        network_ip: "192.168.1.123"
        network_intnet: false
        network_bridge: "eth0" # or whatever is your adapter name!
        synced_folder: "/home/francesco/whatever/vagrant-synced-folder"
    http_server:
        host_port: 80

Then just go to http://192.168.1.123:80/ :-)

Question 6

Port forwarding for Vagrant on OSX: ipfw is depreciated

Further to @sgarbesi's response, ipfw was indeed depreciated as of OS X Mavericks. Unfortunately I couldn't access the solution he posted as the link appears to be broken.

He is credited in the solution described here, however: https://www.danpurdy.co.uk/web-development/osx-yosemite-port-forwarding-for-vagrant/

I'm pasting the solution here for completeness, in the hope that it helps someone:

Set up port fowarding on the VM

Add the following to your Vagrantfile, as per the Vagrant documentation:

config.vm.network "forwarded_port", guest: 80, host: 8080 config.vm.network "forwarded_port", guest: 443, host: 4443

Install Vagrant Triggers

To install vagrant-triggers you should navigate in a terminal window to the folder where your Vagrantfile is kept and run the following command:

vagrant plugin install vagrant-triggers

Use Vagrant Triggers to automatically enable port forwarding

Add the following to your Vagrantfile:

config.trigger.after [:provision, :up, :reload] do
      system('echo "
        rdr pass on lo0 inet proto tcp from any to 127.0.0.1 port 80 -> 127.0.0.1 port 8080  
        rdr pass on lo0 inet proto tcp from any to 127.0.0.1 port 443 -> 127.0.0.1 port 4443
  " | sudo pfctl -ef - > /dev/null 2>&1; echo "==> Fowarding Ports: 80 -> 8080, 443 -> 4443 & Enabling pf"')  
  end

  config.trigger.after [:halt, :destroy] do
    system("sudo pfctl -df /etc/pf.conf > /dev/null 2>&1; echo '==> Removing Port Forwarding & Disabling pf'")
  end

This binds ports 80 and 443 to ports 8080 and 4443 respectively on Vagrant Provision, up and reload and removes it on halt or destroy. Note that pf is not enabled by default on OSX so we pass the -e flag when we add the rules to enable pf and the -d flag to disable it again when we remove the port forwarding.

Question 7

You can config port forwarding into VirtualBox:

Your VM -> Settings -> Network -> Advanced -> ports forwarding

Here you can add ports that you need.