JBoss/wildfly external connection forbidden

PatrickT · 2017-06-13 14:15:32 UTC

Hi all, i’m writing here because i need support to get wildfly/jboss working on the test machine.
I’ve installed the nethserver image on a vagrant machine, configured a secondary eth interface by adding eth1 file in network-scripts, though i’ve defined that interface in Vagrantfile, but now i’m not capable to connect to that interface from host machine. Searching for network traffic in that interface with tcpdump grepping specified ip, show nothing.
If i’m stop iptables service, the system i reached correctly.

Can anyone point me to the problem or solution?

Best regards

NethServer Version: 6.8
Module: external module

bwdjames · 2017-06-13 15:42:24 UTC

Sounds like you need to open the ports for wildfly/jboss

In order to do this, you would need to issue the following commands:

config set fw_wildfly_jboss service status enabled TCPPorts <port_number> UDPPorts <port_number> access green
signal-event firewall-adjust

PatrickT · 2017-06-13 15:48:22 UTC

Tnx bwdjames, can i ask you to provide me concrete example about the command you have writed.
The JBoss/WIldfly ports are 8080/9990

best regards

bwdjames · 2017-06-13 15:54:12 UTC

Assuming its only TCP ports your require and no UDP ports and assuming it should be enabled on the green LAN interface, then the exact two commands to run are:

config set fw_wildfly_jboss service status enabled TCPPorts 8080,9990 access green
signal-event firewall-adjust

PatrickT · 2017-06-13 16:17:07 UTC

Tnx for reply, i’ve tested your solution, but it hasn’t effect. No new entry found in firewall rules, if needed i can attach the iptables rules list. I’ve tested to connect to guest machine for remote admin, with no success, though in iptables rules the connection to port 980 is permitted.

EddieA · 2017-06-13 16:38:23 UTC

I think you need to follow that with:
signal-event runlevel-adjust

Cheers.

PatrickT · 2017-06-13 16:54:56 UTC

Tnx EddieA, with your suggestion i have reached my objective, but how to permanently save this rules?

Update:
With command suggested by bwdjames and EddieA, i’m able to reach guest machine on web cache port (8080) but not on 9990, nor remote web admin on (980), though i’ve added that port in config.

Best regards

EddieA · 2017-06-13 17:00:38 UTC

That saves the information in one of the NS db files, so it is permanent.

Cheers.

PatrickT · 2017-06-13 20:59:58 UTC

Tnx for all replies, but solution suggested not worked. When i restart the virtual machine i can’t connect to application server and remote administration ports.

The rules are saved in iptables entry, but i can’t connect from host machine, instead if connect from localhost, everything works fine.

EddieA · 2017-06-13 21:27:46 UTC

I’m not sure if that supports red/green as the access. You could try:
config set fw_wildfly_jboss service status enabled TCPPorts 8080,9990 access private
Which allows access via the green interface. For both red and green access, it’s “public”.

Cheers.

PatrickT · 2017-06-14 09:39:55 UTC

Thank you for times dedicated to my problem, but i can’t solve. So i decided to create a virtualbox instance with the same version as my customer. I’m open another topic to get help to configure system.

Best regards