powered by Jive Software

Not binding to external IP interface

Hi developers,

I’‘ve installed Jive messenger on my Linux box. I manage to connect from client running on localhost (127.0.0.1) but when I try to connect to machine even from another host inside the firewall I can’'t. I notice the admin page has the 127.0.0.1 interface address instead of the ‘‘external’’ IP address.

I’‘ve tried adding the plain.interface property inside the embedded db messenger.script file, but this doesn’'t help at all.

Am I missing something obvious? Thanks.

Hi Sean,

In order for clients to connect to your Messenger installation that are running on machines other than the one you installed Messenger on you’‘ll have to give Messenger a real ip address or preferably a resolvable domain name. To change the Messenger’'s domain name sign-in to the Admin Console and go to Server -> Server Manager -> Server Settings and click on the edit button.

Hope that helps,

Ryan

Message was edited by:

ryang - fixed some wording

I’‘ve tried doing this for both the full host-name and the resolved IP, but I still have the same problem. There is no indication in the admin panel that I’'ve bound to external interface.

Thanks for the rapid reply though, I don’'t know if you have other ideas.

There is no indication in the admin panel that I’'ve

bound to external interface.

Actually, you should be able to see something like the following in the Server Settings section:

Server Ports

1: IP:Port, Security: 172.20.11.200:5269, NORMAL

Domain Name(s): wmd-df8x3s71

2: IP:Port, Security: 172.20.11.200:5222, NORMAL

Domain Name(s): wmd-df8x3s71

3: IP:Port, Security: 172.20.11.200:5223, TLS (SSL)

Domain Name(s): wmd-df8x3s71

/pre

Are you seeing 127.0.0.1 as your IP?

Thanks,

Ryan

Yes, I’'m getting

IP:Port, Security: 127.0.0.1:5269, NORMAL

Domain Name(s): blitz

What do you see if you run “ipconfig -a”?

Hi all … Ryan pointed me to this thread as I’'m having the same problems with my setup; see my thread for more info.

I’'m running Linux Fedora core 3

Running ifconfig -a returns at ‘‘eth0’’ @ xxx.xxx.x.xxx (not 127.0.0.1) with Scope: Link and an ‘‘lo’’ Local Loopback at 127.0.0.1 with Scope: Host.

There are also eth1, eth2, and sit0 data if helpful.

– brian

Message was edited by:

bmagierski

Results below:

I’‘ve taken the liberty to obfuscate the inet addr a bit with ‘’??’’ < and it’'s not 127.0.0.1> for eth0. Looks like brian is behind NAT; I most definitely am not.

eth0 Link encap:Ethernet HWaddr 00:02:55:1A:27:C1

inet addr:??.??.??.13 Bcast:??.??.??.255 Mask:255.255.255.0

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:9389966 errors:0 dropped:0 overruns:0 frame:0

TX packets:866132 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:1557922057 (1485.7 Mb) TX bytes:104760604 (99.9 Mb)

Interrupt:10 Base address:0xa000 Memory:f9020000-f9020038

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:3426 errors:0 dropped:0 overruns:0 frame:0

TX packets:3426 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:1524034 (1.4 Mb) TX bytes:1524034 (1.4 Mb)

here are specifics on mine (inet is not 127.0.0.1 on eth0) … being a newbie I’‘m not exactly sure what to leave off, so I’‘ll key off of Sean. Also, any insight on mitigating being behind NAT would be helpful on the newbie line as well, as I’'m not sure what that means.

eth0 Link encap:Ethernet HWaddr 00:0E:0C:08:6C:C4

inet addr:xxx.xxx.x.xxx Bcast:xxx.xxx.x.255 Mask:255.255.255.0

inet6 addr: xxxxxxx Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:1684361 errors:0 dropped:0 overruns:0 frame:0

TX packets:1533421 errors:0 dropped:0 overruns:0 carrier:0

collisions:146957 txqueuelen:1000

RX bytes:203300014 (193.8 MiB) TX bytes:557443604 (531.6 MiB)

Base address:0x2040 Memory:fe6c0000-fe6e0000

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: xxxx Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:862406 errors:0 dropped:0 overruns:0 frame:0

TX packets:862406 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:60032626 (57.2 MiB) TX bytes:60032626 (57.2 MiB)

as mentioned in the previous post, there are: eth1, eth2, and sit0 data as well.

Hi All,

Could you try editing your host file so it has an entry like:

127.0.0.1 localdomain

and see if that fixes the issue.

Thanks,

Ryan

I altered the hosts file to split up the localhost IP address, and the resolved hostname with the external IP address (2 lines now). This allowed messenger to resolve the username correctly (it appears to be a problem if the 127.0.0.1 localhost is just on one line in /etc/hosts).

Even after this I still couldn’'t connect, but discovered that iptables was blocking connections. If I turn off the firewall in Fedora 3, I get a connection, but I still need to figure out how to add the needed ports to iptables config.

Thanks!

Sean

Even after this I still couldn’'t connect, but

discovered that iptables was blocking connections. If

I turn off the firewall in Fedora 3, I get a

connection, but I still need to figure out how to add

the needed ports to iptables config.

Ah, good piece of information to be aware of.

Unfortunately, I’‘m not all that familiar with working with iptables so I won’'t be able to help much, but if you do figure out how to configure things please let us know.

Thanks,

Ryan

Hi Ryan and Sean,

This looks very helpful. I’‘ve been out of town and may not be able to try this until monday night (unless I get time to ssh in). I’'ll let you know the outcome when I get to it.

Thanks again for the help.

Guys,

Per Sean’'s findings, I used the “system-config-securitylevel” to disable the firewall on fedora and I am now connected to the Jive Server properly.

Sean - we’‘re going to dig into the iptables to see about freeing the IM connections so we can run with the firewall on. I’‘ll post any findings we have to this thread. We’'re not familiar with working with iptables, but I have some friends that may be able to help.

Thanks again for the help …

– brian

Maybe i can help you dealing with iptables a bit. Though i’'m not using Fedora and iptables daemon in mys system could be in other place.

This manual is very good to understand iptables commands:

http://iptables-tutorial.frozentux.net/iptables-tutorial.html#TABLE.COMMANDS

This is an example of my setup, you need to enter all these commands in command line (terminal):

iptables -F INPUT

iptables -P INPUT DROP

iptables -A INPUT -p tcp --dport 5222 -s 192.168.12.0/24 -j ACCEPT

iptables -A INPUT -p tcp --dport 9090 -s 192.168.12.0/24 -m mac --mac-source 00:0B:6A:24:E8:AC -j ACCEPT

iptables -A INPUT -p tcp --dport 9090 -s 192.168.12.0/24 -m mac --mac-source 00:0B:6A:24:E8:C7 -j ACCEPT

/code

first command flushes all the existing commands so be aware. If someone else is working with iptables just ask him to configure needed ports, dont mess firewall;) As i’‘m using this server only for Jive i’‘m dropping all (-P means policy) incoming connections with second command. And then i add (-A means append) 3 ports to be able to connect to my server. Connection from 5222 port from any local 192.168.12.x IP address is accepted (this is for clients using non-SSL port). If you are administrating server locally maybe you dont need any other rules. But i need to admin it from two other machines. So i’'m adding two rules for 9090 ports (non-SSL) and also filtering by MAC address of network card, so only two machines could connect to Admin Console. All outgoing connections is by default accepted.

I also have rules for SSH, DNS and HTTP connections, but maybe this will do for now. Hope you’'ll get the point

And dont forget to save ip rules!!!

i’'m using this command:

/etc/rc.d/iptables save

fit this for your environment

I am also running into this issue, and I cannot seem to resolve it.

The server will be used locally on a 192.168.1.* network.

Currently, it only binds to 127.0.0.1, and there is a proper entry in the /etc/hosts file for the domain.

Following are my system’'s settings, and I hope someone can resolve this for me.

Fedora Core 3.92

Server’'s external IP: 192.168.1.11

Domain Name (resolves properly from all internal clients to 192.168.1.11) : avalon.domain.com

Server’'s setting page shows that the IP that is bound is 127.0.0.1, and the Domain Name as avalon.domain.com

Any ideas? Running Messenger 2.3.0 Beta 1

Hey mine is showing the same: 127.0.0.1:5222, NORMAL

But all clients are connecting with 192.168.12.41 IP normally (that’'s the IP of this machine).

The Fedora box would not let me login even from external addresses. However, when I installed the server on a Windows machine, and set the domain name to the IP address, and it worked fine.

However, the remote MySQL server still could not be contacted (on both machines) so I don’'t know what is the problem there. The user is setup properly on MySQL (with remote IP access).

I will troubleshoot some more and report back if I find anything.

I’'m with Archlinux. And i have only entry for 127.0.0.1 localdomain servername in hosts. What do you mean “and there is a proper entry in the /etc/hosts file for the domain”?

As i understand hosts file is only for resolving other domains but not for binding your machine to some IP. This is up to your DNS or hosts files on other machines. I maybe wrong but as i see it works like that, nothing more.

Unless you instruct it differently (through some special property settings), Jive Messenger will attempt to bind to all interfaces on your server. So, anyone having difficulties connecting through interfaces other than 127.0.0.1 – it’'s most likely a firewall issue.

Regards,

Matt