Restricting Openfire services to specific interfaces not working


After installing Openfire, I noticed that the services are by default exposed to all interfaces.

In order to improve security, I would like to know how to restrict the ports of the services to certain interfaces. Anyone could help? I searched all over in the admin console but couldn’t see more than their status in the initial page. Can this be done in the Admin Console? If not, how to configure it?

Edit: I had changed the /usr/share/openfire/conf/openfire.xml file including the interface I want:

But still after I restart openfire, the status show its listening in all interfaces. Any ideas?

Thanks in advance!

Thiago F. Alencar

Message was edited by: thiago.alencar

I was wondering, maybe it did work, but it is simply not showing the correct status in the web interface?

No luck, tested with external tool and the ports are open to all interfaces. Ideas?

It works for me. Are you sure you have uncommented tag?

Hah! that helps. I didn’t notice the comments

One more question: Do you know if I can duplicate the to include more than one? Like this:

It seems just the first interface was considered.

Thanks for your help.


Dont know is it possible. What if you try to add them like IP,IP or maybe with “;”. Though i think it can be designed like that: 1 interface or all.

It didn’t work, guess this is by design as you said then.

Thanks very much anyway.