Red5 open tcp ports
211 views
Skip to first unread message
Stoian Ivanov
Jul 15, 2013, 10:22:15 AM7/15/13
to red5in...@googlegroups.com
Hi all,
Red5 is listening on lot of TCP sockets. I need to close those not related to RTMP(1935) and HTTP(5080) Now I understand that the server is listening to 9999 for JMX and I can limit that just for localhost - so I can restart the server nicely.
The question is what to do with port 37424 as red5 is listening to it but google does not know what this port is generally used for. Can I just forbid this port to anyone or it has some critical usage?
Best regards
S.
Red5 is listening on lot of TCP sockets. I need to close those not related to RTMP(1935) and HTTP(5080) Now I understand that the server is listening to 9999 for JMX and I can limit that just for localhost - so I can restart the server nicely.
The question is what to do with port 37424 as red5 is listening to it but google does not know what this port is generally used for. Can I just forbid this port to anyone or it has some critical usage?
Best regards
S.
Mondain
Jul 15, 2013, 11:34:28 AM7/15/13
to red5in...@googlegroups.com
Only 1935, 5080, and 9999 should be open; unless you modify the red5.properties of course. If something else is open then it is not intended to be by us.
S.
--
---
You received this message because you are subscribed to the Google Groups "red5" group.
To unsubscribe from this group and stop receiving emails from it, send an email to red5interest...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
http://gregoire.org/
http://code.google.com/p/red5/
Stoian Ivanov
Jul 16, 2013, 4:08:28 AM7/16/13
to red5in...@googlegroups.com
Well, after some digging around: http://stackoverflow.com/questions/7163173/jmx-enabled-java-application-appears-to-open-a-random-high-order-port-when-jmx-c so JMX is opening random port for listening .. this is .. "you must have no security" situation :( Anyway there is an example of "fixing" this issue
Stoian Ivanov
Jul 16, 2013, 9:02:11 AM7/16/13
to red5in...@googlegroups.com
Here is a little patch to make JXM ports "stable". It is pure configuration but i think it should be "standardized"
diff --git a/src/main/server/conf/red5-common.xml b/src/main/server/conf/red5-common.xml
index 37fb492..b99f913 100644
--- a/src/main/server/conf/red5-common.xml
+++ b/src/main/server/conf/red5-common.xml
@@ -31,7 +31,7 @@
<bean class="org.springframework.jmx.support.ConnectorServerFactoryBean" depends-on="rmiRegistry">
<property name="objectName" value="org.red5.server:name=rmi" />
<property name="serviceUrl"
- value="service:jmx:rmi://${jmx.rmi.host}/jndi/rmi://${jmx.rmi.host}:${jmx.rmi.port}/red5" />
+ value="service:jmx:rmi://${jmx.rmi.host}:${jmx.rmi.sport}/jndi/rmi://${jmx.rmi.host}:${jmx.rmi.port}/red5" />
<property name="environment">
<!-- the following is only valid when the sun jmx implementation is used -->
<map>
diff --git a/src/main/server/conf/red5.properties b/src/main/server/conf/red5.properties
index 770515e..072cc8b 100644
--- a/src/main/server/conf/red5.properties
+++ b/src/main/server/conf/red5.properties
@@ -91,6 +91,7 @@ proxy.destination_port=1935
# JMX
jmx.rmi.host=localhost
jmx.rmi.port=9999
+jmx.rmi.sport=9998
jmx.rmi.port.remoteobjects=
jmx.keystorepass=password
jmx.mina.monitor.enable=true
Basically changing serviceUrl propery of ConnectorServerFactoryBean (in conf/red5-common.xml) to include port after the first hostname, and adding property for this in conf/red5.properties.
Shall I create a bug/feature request or posting here is enough?
diff --git a/src/main/server/conf/red5-common.xml b/src/main/server/conf/red5-common.xml
index 37fb492..b99f913 100644
--- a/src/main/server/conf/red5-common.xml
+++ b/src/main/server/conf/red5-common.xml
@@ -31,7 +31,7 @@
<bean class="org.springframework.jmx.support.ConnectorServerFactoryBean" depends-on="rmiRegistry">
<property name="objectName" value="org.red5.server:name=rmi" />
<property name="serviceUrl"
- value="service:jmx:rmi://${jmx.rmi.host}/jndi/rmi://${jmx.rmi.host}:${jmx.rmi.port}/red5" />
+ value="service:jmx:rmi://${jmx.rmi.host}:${jmx.rmi.sport}/jndi/rmi://${jmx.rmi.host}:${jmx.rmi.port}/red5" />
<property name="environment">
<!-- the following is only valid when the sun jmx implementation is used -->
<map>
diff --git a/src/main/server/conf/red5.properties b/src/main/server/conf/red5.properties
index 770515e..072cc8b 100644
--- a/src/main/server/conf/red5.properties
+++ b/src/main/server/conf/red5.properties
@@ -91,6 +91,7 @@ proxy.destination_port=1935
# JMX
jmx.rmi.host=localhost
jmx.rmi.port=9999
+jmx.rmi.sport=9998
jmx.rmi.port.remoteobjects=
jmx.keystorepass=password
jmx.mina.monitor.enable=true
Basically changing serviceUrl propery of ConnectorServerFactoryBean (in conf/red5-common.xml) to include port after the first hostname, and adding property for this in conf/red5.properties.
Shall I create a bug/feature request or posting here is enough?
Stoian Ivanov
Jul 17, 2013, 7:44:18 AM7/17/13
to red5in...@googlegroups.com
Reply all
Reply to author
Forward
0 new messages