Login/Register
Rabbitmq listens on all interfaces
Asked Answered
Solved ubunturabbitmqerlangbeam
M

1

8

It appears that my rabbitmq listens on all interfaces despite:

In /etc/rabbitmq/rabbitmq.config:

[{rabbit, [{tcp_listeners, [{"10.0.0.1", 5672}]}]},
  {rabbitmq_mochiweb, [{listeners, [{mgmt, [{ip, "10.0.0.1"},
                                            {port, 55672}]}]}]}].

In /etc/rabbitmq/rabbitmq-env.conf:

export RABBITMQ_NODENAME=rabbit
export RABBITMQ_NODE_IP_ADDRESS=10.0.0.1
export ERL_EPMD_ADDRESS=10.0.0.1

When i run netstat -uptan | grep beam i get:

tcp        0      0 10.0.0.1:5672           0.0.0.0:*               LISTEN      1378/beam
tcp        0      0 0.0.0.0:33551           0.0.0.0:*               LISTEN      1378/beam
tcp        0      0 127.0.0.1:38737         127.0.0.1:4369          ESTABLISHED 1378/beam

How do i make beam not listening on 0.0.0.0:33551 ?

Mettle answered 1/12, 2013 at 19:9 Comment(1)
For now i decided to use Firewall so public interface accepts only what i need.Mettle
S
8

tcp 0 0 127.0.0.1:38737 127.0.0.1:4369 ESTABLISHED 1378/beam says that beam process enables Erlang distributed protocol and connected to epmd daemon on 127.0.0.1:4369. Also beam process waits for incoming connections on 0.0.0.0:33551. This interface secured with Erlang cookies and rabbitmqctl uses it to connect to RabbitMQ instance and manage it.

To make it able to accept connections only from localhost you can:

  • use -kernel inet_dist_use_interface '{127,0,0,1}' kernel configuration flag from shell or create my_rabbitmq.conf:

    [{kernel,[{inet_dist_use_interface,{127,0,0,1}}]}].

    and use RabbitMQ environment variable to include it: export RABBITMQ_CONFIG_FILE="/path/to/my_rabbitmq.conf" to use configuration file

  • put in your /etc/rabbitmq/rabbitmq.conf export ERL_EPMD_ADDRESS=127.0.0.1 Erlang environment variable

Stature answered 2/12, 2013 at 6:9 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.