doesn't establish connections anymore

Hi,

I've been running an ejabberd server without any problems. Version is Debian lenny's 2.0.1.

Last succesful c2s connection was on April 12th. I havn't really used the server since then. Now I tried to connect and it didn't work. The stream starts normally, but when the client sends the auth request, the server just terminates the TCP session.

I've reviewed the logs and found the following:

=INFO REPORT==== 2010-04-16 08:21:08 ===
I(<0.299.0>:mod_pubsub:219) : ** terminate default plugin

=INFO REPORT==== 2010-04-16 08:21:08 ===
I(<0.299.0>:mod_pubsub:219) : ** terminate pep plugin

=INFO REPORT==== 2010-04-16 10:21:11 ===
I(<0.309.0>:mod_pubsub:152) : pubsub init "localhost" [{access_createnode,
                                                        pubsub_createnode},
                                                       {plugins,
                                                        ["default","pep"]}]

=INFO REPORT==== 2010-04-16 10:21:11 ===
I(<0.309.0>:mod_pubsub:207) : ** tree plugin is nodetree_default

=INFO REPORT==== 2010-04-16 10:21:11 ===
I(<0.309.0>:mod_pubsub:211) : ** init default plugin

=INFO REPORT==== 2010-04-16 10:21:11 ===
I(<0.309.0>:mod_pubsub:211) : ** init pep plugin

From there on ejabberd_listener didn't establish any connections. The only log messages are for example:

=INFO REPORT==== 2010-04-16 10:42:58 ===
I(<0.263.0>:ejabberd_listener:112) : (#Port<0.430>) Accepted connection {{217,10
,9,40},40768} -> {{89,238,65,243},5269}

Before they used to be followed by such messages for s2s:

=INFO REPORT==== 2010-04-15 22:08:46 ===
I(<0.18915.0>:ejabberd_s2s_out:319) : Connection established: shakaweb.org -> gm
ail.com

and such for c2s:

=INFO REPORT==== 2010-04-12 17:19:26 ===
I(<0.16704.0>:ejabberd_c2s:438) : ({socket_state,gen_tcp,#Port<0.8435>,<0.16703.
0>}) Accepted legacy authentication for shakademus@shakaweb.org/X

I have absolutely no idea what happened on April 16th, but it completely broke my ejabberd. There wasn't any reboot, automated upgrade or anything else... Restarting doesn't fix up things.

I've also tested to shut down saslauthd which ejabberd uses for authentication and found that this does not change ejabberd's behavior in any way. So it seems the server doesn't even initiate the authentication. It also wouldn't take part for s2s connection - so sasl can't be the problem.

Any ideas?

Try to use "Service

Try to use "Service Discovery" from a remote server (like jabber.org) to your ejabberd. If you can see your MUC service, Pubsub, Vjud... then the problem is only in client connections.

You say that in ejabberd.cfg you don't use the internal auth_method. In that case, configure auth_method to use internal, register some dummy account "dummy123", and try to login to it. If that works, it means the problem is only in your specific auth method.

You can also check if ejabberd WebAdmin works or not.

If that doesn't work either... then I ran out of ideas. Of course, you can try to backup your Mnesia spool dir, your configuration file, and reinstall ejabberd.

No, s2s connection do not

No, s2s connection do not work as well. As I said the logs only show an 'Accepted connection' message, no 'Connection established' or anything else following.

What I said about authentication was wrong. I mixed that up, sorry. In fact I _do_ use the standard internal method.

Connecting to webadmin, I get a 404 Not Found page. I don't know whether that's normal or not, since I've never used it before. But the good news: Calling webadmin, the connection does not terminate abnormally, just normal responses. Log shows:

=INFO REPORT==== 2010-04-24 19:03:27 ===
I(<0.248.0>:ejabberd_listener:112) : (#Port<0.744>) Accepted connection {{92,226
,110,251},50207} -> {{89,238,65,243},5280}

=INFO REPORT==== 2010-04-24 19:03:27 ===
I(<0.241.0>:ejabberd_http:123) : started: {gen_tcp,#Port<0.744>}

So it seems the problem is bound to just xmpp connections.

I think I'll try to reinstall these days, although I would really like to know what's wrong / what happened.

What I just mentioned when looking for the webadmin: Besides c2s, s2s, http and a locally listening port 7777, there's a port 34188 beam is listening on. May it be the daemon got hacked? Could be a remote shell I guess...

Random port: typical in erlang

Shakademus wrote:

What I just mentioned when looking for the webadmin: Besides c2s, s2s, http and a locally listening port 7777, there's a port 34188 beam is listening on. May it be the daemon got hacked? Could be a remote shell I guess...

That random-looking port number is typical in erlang, see
http://www.process-one.net/en/ejabberd/guide_en#firewall

How to reproduce:
1. In a shell execute:

erl -sname aaa

2. In another shell execute:

$ epmd -names
epmd: up and running on port 4369 with data:
name aaa at port 44399

3. Then verify this is the port number that you found intriguing:

$ netstat -nlp | grep beam
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 0.0.0.0:44399           0.0.0.0:*               LISTEN      11513/beam.smp

It is, no intrusion happened;

It is, no intrusion happened; so it'll be the reinstallation... Hope it helps.

Got it running again. :-) I

Got it running again. :-)

I made a backup and then ran 'aptitude reinstall'. Since that flushed the hostname and admin user out auf the configuration file, I then used dpkg-reconfigure to set those settings. Then everything worked fine and I didn't even have to import the backup - all the data got preserved.

Sadly, I don't know whether the reinstall or the reconfiguration did the trick (should have tried the reconf first...)

Syndicate content