Solution: Using Openfire with SOCKS for IM gateways

I’ve been working on setting up a new XMPP environment to replace a Jabberd 1.4 server. One of the requirements we have is that users have access to external transports (AIM, MSN, Yahoo, etc.). Unfortunately we’re behind a firewall and for security reasons the only way to traverse the firewall is using SOCKS.

With Jabberd 1.4 we used ‘socksify’ to socksify the transports which worked pretty well. Finding a similar solution for Openfire was more problematic. Simply trying to ‘socksify’ the /opt/bin/openfire script did nothing.

So, I started looking at the openfire script and realized it was just starting up Java with various parameters. It dawned on me that you can pass proxy settings the same way as of J2SE 1.5.

So, I simply added the DsocksProxyHost parameter to the /opt/bin/openfire script.

Here’s a snippet from the ‘start’ section:

 *start)*
  •    echo "Starting openfire"+
    

nohup “$app_java_home/bin/java” -DsocksProxyHost=sockshost.domain.com -server -Dinstall4j.jvmDir="$app_java_home" -Dexe4j.moduleName="$prg_dir/$progname" $INSTALL4J_ADD_VM_PARAMS -classpath “$local_classpath” com.install4j.runtime.Launcher start org.jivesoftware.openfire.starter.ServerStarter false false “$prg_dir/…/logs/stderror.log” “$prg_dir/…/logs/stdoutt.log” true true false “” true true 0 0 “” 20 20 “Arial” “0,0,0” 8 500 “version 3.5.1” 20 40 “Arial” “0,0,0” 8 500 -1 -DopenfireHome=$app_home -Dopenfire.lib.dir=$app_home/lib &

I was able to ‘test’ the various gateways in the admin console and all passed.

Hopefully this helps someone else out. I was about ready to toss Openfire and go with eJabberd after finding no help with gettings SOCKS to work.