[ejabberd] limited firewall ports

Safford, Brian brian.safford at eds.com
Thu Feb 22 18:03:54 MSK 2007


I don't think port 5269 is used by erlang to handle node-to-node
communication.

I'm going to try Mickael's suggestion to use the inet_dist_listen_min
and inet_dist_listen_max parameters.  I think this will limit me to a
2-node setup, but that should be okay for now.

Thanks,
Brian 

-----Original Message-----
From: ejabberd-bounces at jabber.ru [mailto:ejabberd-bounces at jabber.ru] On
Behalf Of Sander Devrieze
Sent: Thursday, February 22, 2007 8:00 AM
To: ejabberd at jabber.ru
Subject: Re: [ejabberd] limited firewall ports

On 2/22/07, Safford, Brian <brian.safford at eds.com> wrote:
> I have a network setup where we have an 'inside' and 'outside' network

> with a port-filtering router inbetween.  The router does not filter 
> any ports from inside to outside, but only allows 4 ports from outside

> to in, those being 22 (ssh), 25 (smtp) and 2 others.
>
> I've been trying to get a 2 node erlang setup working.  The connection

> from inside to outside works fine, which tells me that the handshake 
> that takes place within the epmd's seems to be this:
>
> 1. inside epmd connects to outside epmd 2. outside epmd tells inside 
> epmd to go away and come back on port XXXX 3. inside epmd then 
> connects to port XXXX
>
> My question is this - is there any hope at all of getting the 
> connection from outside to inside working?

You need to open port 5269 (TCP) in both directions. Also take a look at
the firewall section in the guide.

> And my comment is ... why didn't / doesn't epmd work like most other 
> super-daemons?  Like sendmail and inetd ... or like wildfire and
> jabberd2 ... :-(

How do you mean? Do you want something like this?:
http://ejabberd.jabber.ru/node/1117

--
Mvg, Sander Devrieze.
_______________________________________________
ejabberd mailing list
ejabberd at jabber.ru
http://lists.jabber.ru/mailman/listinfo/ejabberd


More information about the ejabberd mailing list