Chapter 20. Firewalls

JBoss Enterprise Application Platform ships with many socket-based services that require open firewall ports. Table 20.1, “The ports found in the default configuration” lists services that listen on ports that must be activated when accessing JBoss behind a firewall. Table 20.2, “Additional ports in the all configuration” lists additional ports that exist in the all profile.

Table 20.1. The ports found in the default configuration
Port	Type	Service
1098	TCP	`org.jboss.naming.NamingService`
1099	TCP	`org.jboss.naming.NamingService`
4444	TCP	`org.jboss.invocation.jrmp.server.JRMPInvoker`
4445	TCP	`org.jboss.invocation.pooled.server.PooledInvoker`
4446	TCP	`org.jboss.invocation.unified.server.UnifiedInvoker`
4457	TCP	JBoss Messaging 1.x socket
4712	TCP	JBossTS Recovery Manager socket
4713	TCP	JBossTS Transaction Status Manager
8009	TCP	`org.jboss.web.tomcat.tc4.EmbeddedTomcatService`
8080	TCP	`org.jboss.web.tomcat.tc4.EmbeddedTomcatService`
8083	TCP	`org.jboss.web.WebService`
8093	TCP	`org.jboss.mq.il.uil2.UILServerILService`

Table 20.2. Additional ports in the all configuration
Port	Type	Service
1100	TCP	`org.jboss.ha.jndi.HANamingService`
1101	TCP	`org.jboss.ha.jndi.HANamingService`
1102	UDP	`org.jboss.ha.jndi.HANamingService`
1161	UDP	`org.jboss.jmx.adaptor.snmp.agent.SnmpAgentService`
1162	UDP	`org.jboss.jmx.adaptor.snmp.trapd.TrapdService`
1389	TCP	`ldaphost.jboss.org.LdapLoginModule`
3843^[a]	TCP	`org.jboss.ejb3.SSLRemotingConnector`
3528	TCP	`org.jboss.invocation.iiop.IIOPInvoker`
3873	TCP	`org.jboss.ejb3.RemotingConnectors`
4447	TCP	`org.jboss.invocation.jrmp.server.JRMPInvokerHA`
4448	TCP	`org.jboss.invocation.pooled.server.PooledInvokerHA`
4448	TCP	`org.jboss.invocation.pooled.server.PooledInvokerHA`
7900	TCP
45566^[b]	UDP	`org.jboss.ha.framework.server.ClusterPartition`
^[a] Necessary only if SSL transport is configured for EJB3 ^[b] Plus two additional anonymous UDP ports, one can be set using the `rcv_port`, and the other cannot be set.