发表新帖
发表新帖

how to open ejabberd server to public

前端 未结
关注
1 1266
别那么骄傲
别那么骄傲 2020-12-18 13:03

i recently installed ejabberd on Ubuntu 12.04 LTS. I made the necessary configuration and am able to connect using a xmpp client PSI on a different computer using LAN ip. No

1条回答
  • 时光说笑
    时光说笑 (楼主)
    2020-12-18 13:59

    1. Verify that connections really go through to the server.

      On an Internet-connected box use telnet, nc or a similar command to verify connecting to well-known ports of your server works. Do

      $ telnet 123.123.10.210 5222

      and then type in some gibberish and press Enter to send it—you should receive an XML stanza from your server telling you you've sent a malformed stream and indicating a stream closure (to exit telnet session, press Crl-] then enter q and hit Enter).

      If this command hangs and then times out or outright fails, you have a network connectivity problem.

      When you're checking it's really handy to have an instance of tcpdump running to see if clien't packets come in and replies come out:

      # tcpdump -n -i eth0 'tcp and (port 5222 or port 5269)'

      (substitute the name of your Internet-connected interface instead of eth0).

    2. You must have a proper DNS setup for your XMPP domain.

      That is, if your users have JIDs in example.domain.com, everyone on the Internet should be able to ask their DNS servers about how to contact users with JIDs in that domain using XMPP. This is done using SRV records. The DNS server(s) maintaining the example.domain.com must have two DNS records:

      • _xmpp-client._tcp.example.domain.com pointing to the host and port of the server accepting client connections (so they should be 123.123.10.210 and 5222).
      • _xmpp-server._tcp.example.domain.com pointing to the host and port of the server accepting server connections (so they should be 123.123.10.210 and 5269).

      More info here.

      Run

      $ host -t srv _xmpp-client._tcp.gmail.com
$ host -t srv _xmpp-server._tcp.gmail.com

      to get some idea about how it should look like.

    One more thing to be aware here is that if your server is in a DMZ (not directly connected to Internet but mediated by a NAT device) the firewall setup should be more involved. But before delving into this please check the connectivity as explained above.

    0 讨论(0)
 看不清?
提交回复
热议问题