Chapter 20. Firewalls
JBoss comes with many socket-based services that open listening ports. In this section we list the ports, which might be open by the services and therefore need to be configured to work when accessing JBoss behind a firewall. The Table 20.1, “Default JBoss ports” table shows ports, socket type, associated service and a brief description of such ports.
Table 20.1. Default JBoss ports
| Port | Type | Description | Service |
|---|---|---|---|
| 1090 | TCP | RMI/JRMP port for connecting to the JMX MBeanServer | jboss.remoting:service=JMXConnectorServer,protocol=rmi |
| 1098 | TCP | Naming service port for RMI requests from client proxies | jboss:service=Naming |
| 1099 | TCP | Naming service port | jboss:service=Naming |
| 1100 | TCP | Port for the HA-JNDI service | jboss:service=HAJNDI |
| 1101 | TCP | HA-JNDI service port for RMI requests from client proxies | jboss:service=HAJNDI |
| 1102 | UDP | HA-JNDI multicast port for auto-discovery requests | jboss:service=HAJNDI |
| 1161 | UDP | Port for the SNMP adaptor MBean | jboss.jmx:name=SnmpAgent,service=snmp,type=adaptor |
| 1162 | UDP | Port for the SNMP trap receiver | jboss.jmx:name=SnmpAgent,service=trapd,type=logger |
| 3528 | TCP | IIOP port for the Corba ORB | jboss:service=CorbaORB |
| 3873 | TCP | EJB3 Remoting Connector Port | jboss.remoting:type=Connector,name=DefaultEjb3Connector,handler=ejb3 |
| 4444 | TCP | Port for the legacy RMI/JRMP invoker | jboss:service=invoker,type=jrmp |
| 4445 | TCP | Port for the legacy Pooled invoker | jboss:service=invoker,type=pooled |
| 4446 | TCP | Port for JBoss Remoting Connector of UnifiedInvoker | UnifiedInvokerConnector |
| 4447 | TCP | Port for the high-availability version of the legacy RMI/JRMP invoker | jboss:service=invoker,type=jrmpha |
| 4448 | TCP | Port for the high-availability version of the legacy Pooled invoker | jboss:service=invoker,type=pooledha |
| 4457 | TCP | Port for JBoss Messaging | jboss.messaging:service=Connector,transport=bisocket |
| 4458 | TCP | Recommended secondary binding port for JBoss Messaging. For more information, see the Configuring the Remoting Connector section of the Messaging User Guide. | jboss.messaging:service=Connector,transport=bisocket |
| 4712 | TCP | Port for JBoss TS Recovery Manager | TransactionManager |
| 4713 | TCP | Port for JBossTS Transaction Status Manager | TransactionManager |
| 4714 | TCP | Port for provision of unique process id for JBossTS | TransactionManager |
| 5445 | TCP | Port for HornetQ | HornetQ |
| 5446 | TCP | SSL port for HornetQ | HornetQ |
| 5455 | TCP | HornetQ batch port; refer to Configuring the Netty transport in HornetQ User Guide | HornetQ |
| 5465 | TCP | HornetQ backup server port | HornetQ |
| 5466 | TCP | Backup SSL port for HornetQ | HornetQ |
| 5475 | TCP | Backup batch port for HornetQ | HornetQ |
| 7500 | TCP | Multicast port on which JGroups listens for diagnostic requests from its Probe utility | JGroups |
| 7600 | TCP | Port used for the JGroups tcp stack | JGroups |
| 7650 | TCP | Port used by the JGroups tcp-sync stack | JGroups |
| 7900 | TCP | Port used by the JGroups jbm-data. This port is used by cluster nodes to communicate with each other and is not usually firewalled. If this option is desirable, keep in mind that other UDP ports may also need to be opened. | JGroups |
| 8009 | TCP | Port for AJP connector | jboss:service=WebService |
| 8080 | TCP | JBoss Web HTTP connector port (drives also the values for the HTTPS and AJP sockets) | jboss.web:service=WebServer |
| 8083 | TCP | Port for dynamic class and resource loading | jboss:service=WebService |
| 8443 | TCP | Port for JBoss Web HTTPS connector | jboss.web:service=WebServer |
| 45688 | UDP | Multicast port for JGroups udp stack communication | JGroups |
| 45689 | UDP | Multicast port for communication of the JGroups udp-async stack | JGroups |
| 45699 | UDP | Multicast port for communication of the JGroups udp-sync stack | JGroups |
| 45700 | TCP | Multicast port on which JGroups tcp stack performs discovery | JGroups |
| 45701 | TCP | Multicast port on which JGroups tcp-sync stack performs discovery | JGroups |
| 45710 | UDP | Multicast port on which JGroups jbm-data stack performs discovery | JGroups |
| 53200 | TCP | Port used by the FD_SOCK protocol in the JGroups jbm_control stack | JGroups |
| 54200 – 54206 | TCP | Range of ports used by the FD_SOCK protocol in the JGroups tcp stack | JGroups |
| 54225 – 54231 | TCP | Range of ports used by the FD_SOCK protocol in the JGroups tcp-async stack | JGroups |
| 55200 | UDP | Port for JGroups udp stack | JGroups |
| 55225 | UDP | Port used by the JGroups udp-async stack | JGroups |
| 55250 | UDP | Port used by the JGroups udp-sync stack | JGroups |
| 57600 – 57606 | TCP | Range of ports used by the FD_SOCK protocol in the JGroups tcp stack | JGroups |
| 57650 – 57656 | TCP | Range of ports used by the FD_SOCK protocol in the JGroups tcp-sync stack | JGroups |
| 57900 | TCP | Port used by the FD_SOCK protocol in the JGroups jbm-data stack | JGroups |
