Openfire config after setup

Hello I just installed openfire_4.0.0_all.deb and made the initial setup with the web UI. Before testing anything else I run a few comands on the server:

Some system info:

#uname -a Linux my.host.com3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt20-1+deb8u3 (2016-01-17) x86_64 GNU/Linux

#netstat -tape | grep openfire

tcp6 0 0 [::]:7070 [::]:* LISTEN openfire 29021 12193/java

tcp6 0 0 [::]:7777 [::]:* LISTEN openfire 29018 12193/java

tcp6 0 0 [::]:9090 [::]:* LISTEN openfire 29014 12193/java

tcp6 0 0 [::]:5229 [::]:* LISTEN openfire 29019 12193/java

tcp6 0 0 [::]:7443 [::]:* LISTEN openfire 29023 12193/java

tcp6 0 0 [::]:xmpp-server [::]:* LISTEN openfire 29020 12193/java

tcp6 0 0 localhost:33274 localhost:mysql ESTABLISHED openfire 29003 12193/java

tcp6 1 0 my.host.com:38916 207-223-240-70.con:http CLOSE_WAIT openfire 29031 12193/java

tcp6 0 0 localhost:33276 localhost:mysql ESTABLISHED openfire 29007 12193/java

tcp6 0 0 localhost:33277 localhost:mysql ESTABLISHED openfire 29009 12193/java

tcp6 0 0 localhost:33278 localhost:mysql ESTABLISHED openfire 29011 12193/java

tcp6 0 0 my.host.com:43648 a104-69-126-3.dep:https ESTABLISHED openfire 29037 12193/java

tcp6 0 0 my.host.com:38591 a104-69-126-3.dep:https ESTABLISHED openfire 29035 12193/java

tcp6 0 0 localhost:33275 localhost:mysql ESTABLISHED openfire 29005 12193/java

¿Is normal to see just tcp6 conexions and listener server? My system is using just IPV4, I just want to use one ipv4 adrres for the listening ports of openfire server. Is that possible. So if my server has 2 network link one with the 10.0.0.4 ip and the other with the 192.168.1.4 ip I just want to use one of those. For example the 192.168.1.4

¿Is there any chance to disable non encripted conexions listen port (9090) in the config setting? A proxy/rewrite on port 9090 to 9091could be a solution but inside of openfire, not envolving other apps will be great. Thanks to all of you for your time.

Can’t comment on the tcp6 thing. Not that familiar with linux. If Openfire works (you can connect from another machine to one of the IPv4 IPs, then it is ok probably).

You can disable 9090 port by editing /openfire/conf/openfire.xml while Openfire is stopped. Change 9090 to -1. You can also bind Openfire to one IP in that file. Uncomment tag and add 192.168.1.4

Thanks again for your help.

I can’t login with the spark client, so I think that maybe something is broken.

I will try to downgrade versions of Java/openfire in order to see where is the problem.

At the moment I don’t know where/what to look for troubleshoot.

Thank for point me to the correct file

You say that you can’t login with Spark. But are you able to login to Admin Console from a remote machine? This can be a firewall issue.

@wroot

I detected where the problem was.

If you, the reader, can have a look onto the command

netstat -tape | grep openfire

tcp6 0 0 [::]:7070 [::]:* LISTEN openfire 29021 12193/java

tcp6 0 0 [::]:7777 [::]:* LISTEN openfire 29018 12193/java

tcp6 0 0 [::]:9090 [::]:* LISTEN openfire 29014 12193/java

tcp6 0 0 [::]:5229 [::]:* LISTEN openfire 29019 12193/java

tcp6 0 0 [::]:7443 [::]:* LISTEN openfire 29023 12193/java

tcp6 0 0 [::]:xmpp-server [::]:* LISTEN openfire 29020 12193/java

there is no xmpp-client port listening. So the client module is not wake-up and can’t receive connexions from outside.

The firewall is not problem because there is no firewall

I suspected about a version mismatch between Java and Openfire and was the starting point.

The problem was with the Oracle Java version 8 installed under debian 8 codename Jessie. Installed via:

https://docs.oracle.com/javase/8/docs/technotes/guides/install/linux_jdk.html#BJ FGGEFG

No other problems running any other Java app, just Openfire.

So I make a clean deinstall of This Jave version (not in the easy way…) and a clean install of openJDK solve the problem:

apt-get install openjdk-7-jre openjdk-7-jdk

Now:

tcp6 0 0 [::]:7070 [::]:* LISTEN openfire 15109 483/java

tcp6 0 0 [::]:9091 [::]:* LISTEN openfire 11571 483/java

tcp6 0 0 [::]:xmpp-client [::]:* LISTEN openfire 14739 483/java

tcp6 0 0 [::]:5229 [::]:* LISTEN openfire 11570 483/java

tcp6 0 0 [::]:5263 [::]:* LISTEN openfire 14742 483/java

tcp6 0 0 [::]:7443 [::]:* LISTEN openfire 15112 483/java

tcp6 0 0 [::]:xmpp-server [::]:* LISTEN openfire 11561 483/java

And now I can connect without problems.

On the other hand, as you told me:

You can disable 9090 port by editing /openfire/conf/openfire.xml while Openfire is stopped. Change 9090 to -1. You can also bind Openfire to one IP in that file. Uncomment tag and add 192.168.1.4

The port is properly disabled, but I try to listen just one IP but this part is no running properly.

Also other ports have been disabled using the UI but they are open.

¿Is there any other file holding the config for the other ports?

Than you in advance.

Yes, i haven’t noticed that you didn’t have 5222 port listening. Well, for me it works with Oracle Java and i’ve heard there may be problems when using OpenJDK. But when i was testing on Ubuntu, i just used the tar.gz version with bundled JRE folder. Don’t know why it didn’t work for you. It should also work with Java 8. Maybe this is how things behave on Debian. It for sure works fine with the latest Oracle Java 8 on Windows

I don’t know of any other files to configure ports.

P.S. no need to mention my name in the message. I’m already automatically subscribed to threads i reply in. When you mention my name i get two notifications about one message.

1 Like

Thanks for the help… and for the advice :wink: greets