Openfire & Spark trying to connect to public servers

When i login to openfire server admin console, it tries to connect to a public ip address “http://70.98.39.60:80” which is nothing but igniterealtime.org. Is this wrong? My firewall is blocking this, so I am getting panicky. Also spark tries to connect to ec2-75-101-138-128.compute-1.amazonaws.com, remote port : 3478… I have local stun server disabled and also deleted the external stun server lists.

Is this of any concern that my data is being leaked to the internet? Hope i get some good news

Thanks

Andrew

First one is probably because of RSS feeds (you can disable them by adding rss.enabled system property with value false). Also it could be because Openfire is checking for server and plugins updates.

Cant say anything about the second one. Cant see such connections at my place.

I noticed this activity in our firewall as well and started investigating. The other answer appears correct about OpenFire connecting to the RSS feeds.

As for the client connections to ec2-75-101-138-128.computer-1.amazonaws.com, this is a “feature” of the Jingle plugin which is hardcoded to connect to stun.xten.net, (an alias of stun.counterpath.com which is hosted on the above Amazon cloud server). This has previously been reported to Ignite as a bug since Jingle forces Spark to attempt a connection to 75.101.138.128 on port 3478 at every login, regardless of the STUN settings.

Can you point to that bug ticket if this was filed. Also, can you try with the latest SVN version and confirm this issue is still there?

It does not appear to have been filed correctly. I found several references to the reporting of this problem and presumed that it had been filed as a bug, but cannot find an actual bug report.

I installed 11186 and see the same behavior. When I remove jingle.jar from the plugins directory and launch Spark, I do not see the connection attempts to 75.101.138.128.

I could be misinterpreting the cause, but am wondering if this explains the static connection attempts when there are no STUN servers configured in Openfire? It at least matches the host and port we are seeing in the connection attempts.

(from STUNResolver.java within Smack)

// Fallback values when we don’t have any STUN server to use…
private final static String FALLBACKHOSTNAME = “stun.xten.net”;

private final static int FALLBACKHOSTPORT = 3478;

I dont know whether it is done on purpose and for what purpose. I have filed this as a Smack ticket SMACK-283