Return-Path: 
 <users-return-17613-apmail-activemq-users-archive=activemq.apache.org@activemq.apache.org>
Delivered-To: apmail-activemq-users-archive@www.apache.org
Received: (qmail 82678 invoked from network); 19 Jan 2009 17:12:55 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 19 Jan 2009 17:12:55 -0000
Received: (qmail 32493 invoked by uid 500); 19 Jan 2009 17:12:54 -0000
Delivered-To: apmail-activemq-users-archive@activemq.apache.org
Received: (qmail 32469 invoked by uid 500); 19 Jan 2009 17:12:54 -0000
Mailing-List: contact users-help@activemq.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@activemq.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@activemq.apache.org>
List-Post: <mailto:users@activemq.apache.org>
List-Id: <users.activemq.apache.org>
Reply-To: users@activemq.apache.org
Delivered-To: mailing list users@activemq.apache.org
Received: (qmail 32458 invoked by uid 99); 19 Jan 2009 17:12:54 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 19 Jan 2009 09:12:54 -0800
X-ASF-Spam-Status: No, hits=0.2 required=10.0
	tests=SPF_PASS,WHOIS_MYPRIVREG
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of gary.tully@gmail.com designates
 209.85.218.17 as permitted sender)
Received: from [209.85.218.17] (HELO mail-bw0-f17.google.com) (209.85.218.17)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 19 Jan 2009 17:12:45 +0000
Received: by bwz10 with SMTP id 10so1314921bwz.14
        for <users@activemq.apache.org>; Mon, 19 Jan 2009 09:12:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:received:received:message-id:date:from:to
         :subject:in-reply-to:mime-version:content-type
         :content-transfer-encoding:content-disposition:references;
        bh=OF5Lj7czY/EcY1eowTETH6CmsSY91air9E9/s8g3lTU=;
        b=FXc1fMib3SYdTGyWKHyrQHN0YHANKMHcwZiRrqktkS3tqsiViundH2rk9QeAG6jiPO
         RTBAUpKaRZRtfkaBIlKEKsiVz1l5XUx+5m5MrIt4DiM51+P8MWgCf2y3tM/vxMNag5uA
         LOymHayJ2gpxVnSZ87YbQrtq00NSkuADyrFtA=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=message-id:date:from:to:subject:in-reply-to:mime-version
         :content-type:content-transfer-encoding:content-disposition
         :references;
        b=jUpnscok9cf/032cnIgncLZewhilpAFxaEGOpwfa+2nx1WWYqIv8QWl/rdXgao5Wr+
         AFWou5wh8Wl8kXXC5wcUsthNafVWqDB+/qfuAF1ED/woDNmUx2PXujl0JKnQ0eqrCDBr
         ST9YZioXMDMKpj+iXJ9141J8YMfVzvuvQ8s/I=
Received: by 10.181.226.19 with SMTP id d19mr2143033bkr.38.1232385061060;
        Mon, 19 Jan 2009 09:11:01 -0800 (PST)
Received: by 10.181.7.4 with HTTP; Mon, 19 Jan 2009 09:11:01 -0800 (PST)
Message-ID: <3a73c17c0901190911g4a64b7f0x9298085267756c49@mail.gmail.com>
Date: Mon, 19 Jan 2009 17:11:01 +0000
From: "Gary Tully" <gary.tully@gmail.com>
To: users@activemq.apache.org
Subject: Re: Restricting Connectors to single interface?
In-Reply-To: <21544255.post@talk.nabble.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <21544255.post@talk.nabble.com>
X-Virus-Checked: Checked by ClamAV on apache.org

once the IP address is specified in the TransportConnector and the IP
address does not resolve to localhost,it will be used:
see the code that implements bind and uses the multi homed
createServerSocket() variant with addr passed in if an IP address is
specified.

http://activemq.apache.org/maven/5.2.0/activemq-core/apidocs/src-html/org/apache/activemq/transport/tcp/TcpTransportServer.html#line.125

Possibly debug in to this bind to see what InetAddress is returning on
your host.

2009/1/19 project2501 <darren@ontrenet.com>:
>
> Hi,
>  I am trying to run activemq over my openvpn network interface to secure
> all the messaging traffic.
> I specified my connectors to a specific network interface address 10.8.0.1,
> yet I can still see AMQ listening on the other addresses port 61616. This is
> a security hole I want to close.
>
> I saw previous posts asking about this but no answers yet.
>
> is it possible for AMQ to ONLY listen on the URI address you provide in the
> config and not all available ones?
>
> thank you for the help! Its very much appreciated and the product is truly
> awesome.
>
>
> --
> View this message in context: http://www.nabble.com/Restricting-Connectors-to-single-interface--tp21544255p21544255.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>
>



-- 
http://blog.garytully.com

Open Source SOA
http://FUSESource.com