Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-10513

Need to update Security Guide 20. Firewalls

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • EAP_EWP 5.2.0
    • EAP_EWP 5.1.2
    • Documentation
    • None
    • Documentation (Ref Guide, User Guide, etc.)
    • Not Required
    • NEW

    Description

      https://access.redhat.com/knowledge/docs/en-US/JBoss_Enterprise_Application_Platform/5/html-single/Security_Guide/index.html#chap-Firewalls

      • Port 57600 is not "udp", it's "tcp".
      • Remove "JBM2" or "JBoss Messaging 2.x", they are deprecated names for "HornetQ".
      • Port 54225 and 57600 are FD_SOCK, they are TCP. Not UDP.
      • FD_SOCK uses multiple ports, 1 port per 1 channel. By default EAP 5 uses 7 channels (HAPartition, HAPartitionCache, HttpSession, SFSB, Entity, JBM data and JBM control), so for example, udp FD_SOCK may use 54200 to 54206. This special rule applies to 54200, 54225, 57600 and 57650.
      • Guide for JBoss Messaging secondaryBindPort was removed, we should add it back. It's random port by default, need to configure to use fix port (secondaryBindPort in $JBOSS_HOME/server/$PROFILE/deploy/messaging/remoting-bisocket-service.xml, recommended value is 4458 because first socket is 4457), then add it to firewall rules.

      Attachments

        Activity

          People

            ppenicka@redhat.com Petr Penicka (Inactive)
            rhn-support-tkimura Takayoshi Kimura
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: