activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sean K <sk92...@gmail.com>
Subject Re: iptables and broker to broker transport
Date Wed, 22 Aug 2012 20:42:05 GMT
Maybe this activemq.log might shed more light on this:

2012-08-22 12:58:20,497 | INFO  | ActiveMQ 5.6.0 JMS Message Broker
(static-broker-centos-test1) is starting |
org.apache.activemq.broker.BrokerService | main
2012-08-22 12:58:20,497 | INFO  | For help or more information please
see: http://activemq.apache.org/ |
org.apache.activemq.broker.BrokerService | main
2012-08-22 12:58:21,363 | INFO  | Listening for connections at:
ssl://centos-test1.foo.com:61616?needClientAuth=true |
org.apache.activemq.transport.TransportServerThreadSupport | main
2012-08-22 12:58:21,364 | INFO  | Connector openwire Started |
org.apache.activemq.broker.TransportConnector | main
2012-08-22 12:58:21,366 | INFO  | ActiveMQ JMS Message Broker
(static-broker-centos-test1,
ID:centos-test1.foo.com-35354-1345665500514-0:1) started |
org.apache.activemq.broker.BrokerService | main
2012-08-22 12:58:21,520 | INFO  | jetty-7.6.1.v20120215 |
org.eclipse.jetty.server.Server | main
2012-08-22 12:58:22,183 | INFO  | ActiveMQ WebConsole initialized. |
org.apache.activemq.web.WebConsoleStarter | main
2012-08-22 12:58:22,183 | INFO  | started
o.e.j.w.WebAppContext{/admin,file:/usr/local/activemq/apache-activemq-5.6.0/webapps/admin/}
| org.eclipse.jetty.server.handler.ContextHandler | main
2012-08-22 12:58:22,401 | INFO  | Initializing Spring FrameworkServlet
'dispatcher' | /admin | main
2012-08-22 12:58:23,458 | INFO  | ActiveMQ Console at
http://0.0.0.0:8161/admin | org.eclipse.jetty.webapp.WebAppContext |
main
2012-08-22 12:58:23,593 | INFO  | started
o.e.j.w.WebAppContext{/demo,file:/usr/local/activemq/apache-activemq-5.6.0/webapps/demo/}
| org.eclipse.jetty.server.handler.ContextHandler | main
2012-08-22 12:58:23,630 | INFO  | ActiveMQ Web Demos at
http://0.0.0.0:8161/demo | org.eclipse.jetty.webapp.WebAppContext |
main
2012-08-22 12:58:23,698 | INFO  | started
o.e.j.w.WebAppContext{/fileserver,file:/usr/local/activemq/apache-activemq-5.6.0/webapps/fileserver/}
| org.eclipse.jetty.server.handler.ContextHandler | main
2012-08-22 12:58:23,735 | INFO  | RESTful file access application at
http://0.0.0.0:8161/fileserver |
org.eclipse.jetty.webapp.WebAppContext | main
2012-08-22 12:58:23,822 | INFO  | Started
SelectChannelConnector@0.0.0.0:8161 |
org.eclipse.jetty.server.AbstractConnector | main
2012-08-22 13:01:23,657 | INFO  | Connector
vm://static-broker-centos-test1 Started |
org.apache.activemq.broker.TransportConnector | ActiveMQ Transport:
ssl:///192.168.10.103:41763
2012-08-22 13:01:23,711 | INFO  | Started responder end of duplex
bridge NC@ID:centos-test3.foo.com-40357-1345665680599-0:1 |
org.apache.activemq.broker.TransportConnection | ActiveMQ Transport:
ssl:///192.168.10.103:41763
2012-08-22 13:01:23,732 | INFO  | Network connection between
vm://static-broker-centos-test1#0 and
ssl://centos-test3.foo.com/192.168.10.103:41763(static-broker-centos-test3)
has been established. |
org.apache.activemq.network.DemandForwardingBridgeSupport |
StartLocalBridge: localBroker=vm://static-broker-centos-test1#0


If my transportConnectors look like this:

       <transportConnectors>
            <transportConnector name="openwire"
uri="ssl://0.0.0.0:61616?needClientAuth=true" >
            </transportConnector>
        </transportConnectors>


Where does the port 41763 come from?   It seems dynamic since that
port number changes as I restart the bridged brokers.

But where can I set that so that I can open up the firewall so that an
outside broker can connect to my broker?







On Wed, Aug 22, 2012 at 12:12 PM, Sean K <sk92129@gmail.com> wrote:
> I have two centos machines up and running.   When I disable or turn
> off iptables, the one broker can establish a transport bridge with the
> other broker on the other centos machine.
>
> I noticed that the port number being used changes -- 53033, 53067, etc..
>
> How can I configure each broker in the static network of brokers in a
> way so that I can re-enable iptables?
>
> I prefer to keep iptables running for security reasons -- not that it
> is the best security out there

Mime
View raw message