Restricting Openfire services to specific interfaces not working

Thiago_F_Alencar · June 19, 2009, 9:01pm

Hi,

After installing Openfire, I noticed that the services are by default exposed to all interfaces.

In order to improve security, I would like to know how to restrict the ports of the services to certain interfaces. Anyone could help? I searched all over in the admin console but couldn’t see more than their status in the initial page. Can this be done in the Admin Console? If not, how to configure it?

Edit: I had changed the /usr/share/openfire/conf/openfire.xml file including the interface I want:

192.168.168.1

But still after I restart openfire, the status show its listening in all interfaces. Any ideas?

Thanks in advance!

Thiago F. Alencar

Message was edited by: thiago.alencar

Thiago_F_Alencar · June 25, 2009, 12:59am

I was wondering, maybe it did work, but it is simply not showing the correct status in the web interface?

Thiago_F_Alencar · June 25, 2009, 2:24am

No luck, tested with external tool and the ports are open to all interfaces. Ideas?

wroot · June 25, 2009, 4:07am

It works for me. Are you sure you have uncommented tag?

Thiago_F_Alencar · June 25, 2009, 11:10am

Hah! that helps. I didn’t notice the comments

One more question: Do you know if I can duplicate the to include more than one? Like this:

192.168.168.1

192.168.169.1

It seems just the first interface was considered.

Thanks for your help.

BR/Thiago

wroot · June 25, 2009, 11:25am

Dont know is it possible. What if you try to add them like IP,IP or maybe with “;”. Though i think it can be designed like that: 1 interface or all.

Thiago_F_Alencar · June 29, 2009, 4:10pm

It didn’t work, guess this is by design as you said then.

Thanks very much anyway.