Return-Path: 
 <users-return-31656-apmail-activemq-users-archive=activemq.apache.org@activemq.apache.org>
X-Original-To: apmail-activemq-users-archive@www.apache.org
Delivered-To: apmail-activemq-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 9B12DD492
	for <apmail-activemq-users-archive@www.apache.org>;
 Wed, 22 Aug 2012 19:12:33 +0000 (UTC)
Received: (qmail 77920 invoked by uid 500); 22 Aug 2012 19:12:33 -0000
Delivered-To: apmail-activemq-users-archive@activemq.apache.org
Received: (qmail 77894 invoked by uid 500); 22 Aug 2012 19:12:32 -0000
Mailing-List: contact users-help@activemq.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@activemq.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@activemq.apache.org>
List-Post: <mailto:users@activemq.apache.org>
List-Id: <users.activemq.apache.org>
Reply-To: users@activemq.apache.org
Delivered-To: mailing list users@activemq.apache.org
Received: (qmail 77886 invoked by uid 99); 22 Aug 2012 19:12:32 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 22 Aug 2012 19:12:32 +0000
X-ASF-Spam-Status: No, hits=-0.5 required=5.0
	tests=FREEMAIL_ENVFROM_END_DIGIT,RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of sk92129@gmail.com designates
 209.85.214.171 as permitted sender)
Received: from [209.85.214.171] (HELO mail-ob0-f171.google.com)
 (209.85.214.171)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 22 Aug 2012 19:12:25 +0000
Received: by obqv19 with SMTP id v19so1917589obq.2
        for <users@activemq.apache.org>; Wed, 22 Aug 2012 12:12:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:date:message-id:subject:from:to:content-type;
        bh=VaT3mcWT/MV1Ai13YYrOzi6oL4R2RDawmfG9GfWOv4Q=;
        b=j8/k7tt9q0ywRCHEO5eBnYi3RhlvRJTDYCcqqtz6ULn1IZmtwDHaTkVRBhBgfCRD/M
         BLLBSNS1VVni5cE9gb02zJWq491VB4T4ca8JINhJdvb2R9sM3jmrXI8M+0xdgu64Z6+/
         fI/xgCYenRpeP8LOhPeiEkdyLyNhr/VlOmLG3XZuGkmig0BsSFjUZtm09zm2xeDh+vjO
         uC609VYOsw7u0YHA7fCE4mILRKZf2TXBsscC8qBepFlDo1k6/+/IAMtTQIB46Sda/9Uy
         5hBlbFP8kIShTQwCzerBXxiH5pvfwarkCwTjtS4VOF0w3/6DdE2HWJnhJae5NLLXcIj4
         qv7w==
MIME-Version: 1.0
Received: by 10.182.117.71 with SMTP id kc7mr16290028obb.62.1345662724580;
 Wed, 22 Aug 2012 12:12:04 -0700 (PDT)
Received: by 10.76.83.68 with HTTP; Wed, 22 Aug 2012 12:12:04 -0700 (PDT)
Date: Wed, 22 Aug 2012 12:12:04 -0700
Message-ID: 
 <CAMzDGkHu=F2M9wftSQ=w955e5TpkmRf-2G6-GQWfmvBGfF0U3g@mail.gmail.com>
Subject: iptables and broker to broker transport
From: Sean K <sk92129@gmail.com>
To: users@activemq.apache.org
Content-Type: text/plain; charset=ISO-8859-1

I have two centos machines up and running.   When I disable or turn
off iptables, the one broker can establish a transport bridge with the
other broker on the other centos machine.

I noticed that the port number being used changes -- 53033, 53067, etc..

How can I configure each broker in the static network of brokers in a
way so that I can re-enable iptables?

I prefer to keep iptables running for security reasons -- not that it
is the best security out there