activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eraos <r...@broemeling.org>
Subject Re: Bind only to localhost/private network
Date Tue, 24 Aug 2010 22:38:05 GMT


Vjaceslavs Klimovs wrote:
> 
> Hi,
> Binding JMX to a specified address is unfortunately not trivial. For
> details see this blog post:
> http://vafer.org/blog/20061010091658
> 
> You will probably be better off using firewall to whitelist only your
> transport socket.
> 

Ouch.  That's very unfortunate, particularly as one of the ports that
ActiveMQ listens on (33689 in the above netstat output) bounces around.  If
there is no way to lock those listens down to localhost (without editing the
ActiveMQ source, anyway...), then is there any way to lock all of the ports
down (so that they don't change), so that I can just firewall only those
ports?

I have nearly all of them locked down, only that 33689 one bounces around
(it changes with every restart of ActiveMQ) -- can anyone tell me what it is
and how I can force it to be predictable?

Thanks.
-- 
View this message in context: http://old.nabble.com/Bind-only-to-localhost-private-network-tp29526752p29527128.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.


Mime
View raw message