mod_proxy65 doesn't open port 7777

Hello,

I configured mod_proxy65 according to http://www.process-one.net/en/ejabberd/guide_en#htoc54 - it's all in default, but that suits me :-). The ejabberd service restarted fine and didn't show any special errors in the ejabberd.log. I can see the "SOCKS5 Bytestreams" - proxy.jabber..cz in PSI services.

But: if I verify with telnet whether the port 7777 is open it looks like it is not. What am I missing?

Windows Server 2008 SP2 64bit.

ejabberd.cfg (I've changed the name of our domain for for security reasons):

%%%
%%% ejabberd configuration file
%%%

%%% The parameters used in this configuration file are explained in more detail
%%% in the ejabberd Installation and Operation Guide.
%%% Please consult the Guide in case of doubts, it is included in
%%% your copy of ejabberd, and is also available online at
%%% http://www.process-one.net/en/ejabberd/docs/

%%% This configuration file contains Erlang terms.
%%% In case you want to understand the syntax, here are the concepts:
%%%
%%% - The character to comment a line is %
%%%
%%% - Each term ends in a dot, for example:
%%% override_global.
%%%
%%% - A tuple has a fixed definition, its elements are
%%% enclosed in {}, and separated with commas:
%%% {loglevel, 4}.
%%%
%%% - A list can have as many elements as you want,
%%% and is enclosed in [], for example:
%%% [http_poll, web_admin, tls]
%%%
%%% - A keyword of ejabberd is a word in lowercase.
%%% The strings are enclosed in "" and can have spaces, dots...
%%% {language, "en"}.
%%% {ldap_rootdn, "dc=example,dc=com"}.
%%%
%%% - This term includes a tuple, a keyword, a list and two strings:
%%% {hosts, ["jabber.example.net", "im.example.com"]}.
%%%

%%% =======================
%%% OVERRIDE STORED OPTIONS

%%
%% Override the old values stored in the database.
%%

%%
%% Override global options (shared by all ejabberd nodes in a cluster).
%%
%%override_global.

%%
%% Override local options (specific for this particular ejabberd node).
%%
%%override_local.

%%
%% Remove the Access Control Lists before new ones are added.
%%
%%override_acls.

%%% =========
%%% DEBUGGING

%%
%% loglevel: Verbosity of log files generated by ejabberd.
%% 0: No ejabberd log at all (not recommended)
%% 1: Critical
%% 2: Error
%% 3: Warning
%% 4: Info
%% 5: Debug
%%
{loglevel, 4}.

%%
%% watchdog_admins: If an ejabberd process consumes too much memory,
%% send live notifications to those Jabber accounts.
%%
%%{watchdog_admins, ["admin@jabber..cz"]}.

%%% ================
%%% SERVED HOSTNAMES

%%
%% hosts: Domains served by ejabberd.
%% You can define one or several, for example:
%% {hosts, ["example.net", "example.com", "example.org"]}.
%%
{hosts, ["jabber..cz"]}.

%%
%% route_subdomains: Delegate subdomains to other Jabber server.
%% For example, if this ejabberd serves example.org and you want
%% to allow communication with a Jabber server called im.example.org.
%%
%%{route_subdomains, s2s}.

%%% ===============
%%% LISTENING PORTS

%%
%% listen: Which ports will ejabberd listen, which service handles it
%% and what options to start it with.
%%
{listen,
[

{5222, ejabberd_c2s, [
{certfile, "C:\\Program Files (x86)\\ejabberd\\conf\\server.pem"}, starttls,
{access, c2s},
{shaper, c2s_shaper},
{max_stanza_size, 65536}
]},

%%
%% To enable the old SSL connection method in port 5223:
%%
%%{5223, ejabberd_c2s, [
%% {certfile, "C:\\Program Files (x86)\\ejabberd\\conf\\server.pem"}, tls,
%% {access, c2s},
%% {shaper, c2s_shaper},
%% {max_stanza_size, 65536}
%% ]},

{5269, ejabberd_s2s_in, [
{shaper, s2s_shaper},
{max_stanza_size, 131072}
]},

%%
%% ejabberd_service: Interact with external components (transports...)
%%
%%{8888, ejabberd_service, [
%% {access, all},
%% {shaper_rule, fast},
%% {ip, {127, 0, 0, 1}},
%% {hosts, ["icq.example.org", "sms.example.org"],
%% [{password, "secret"}]
%% }
%% ]},

{5280, ejabberd_http, [
%%{request_handlers, [
%% {["web"], mod_http_fileserver}
%%]},
captcha,
http_bind,
http_poll,
web_admin
]}

]}.

%%
%% s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
%% Allowed values are: true or false.
%% You must specify a certificate file.
%%
%%{s2s_use_starttls, true}.

%%
%% s2s_certfile: Specify a certificate file.
%%
%%{s2s_certfile, "C:\\Program Files (x86)\\ejabberd\\conf\\server.pem"}.

%%
%% domain_certfile: Specify a different certificate for each served hostname.
%%
%%{domain_certfile, "example.org", "C:\\Program Files (x86)\\ejabberd\\conf\\example_org.pem"}.
%%{domain_certfile, "example.com", "C:\\Program Files (x86)\\ejabberd\\conf\\example_com.pem"}.

%%
%% S2S whitelist or blacklist
%%
%% Default s2s policy for undefined hosts.
%%
%%{s2s_default_policy, allow}.

%%
%% Allow or deny communication with specific servers.
%%
%%{{s2s_host, "goodhost.org"}, allow}.
%%{{s2s_host, "badhost.org"}, deny}.

%%% ==============
%%% AUTHENTICATION

%%
%% auth_method: Method used to authenticate the users.
%% The default method is the internal.
%% If you want to use a different method,
%% comment this line and enable the correct ones.
%%
{auth_method, internal}.

%%
%% Authentication using external script
%% Make sure the script is executable by ejabberd.
%%
%%{auth_method, external}.
%%{extauth_program, "\\path\\to\\authentication\\script"}.

%%
%% Authentication using ODBC
%% Remember to setup a database in the next section.
%%
%%{auth_method, odbc}.

%%
%% Authentication using PAM
%%
%%{auth_method, pam}.
%%{pam_service, "pamservicename"}.

%%
%% Authentication using LDAP
%%
%%{auth_method, ldap}.
%%
%% List of LDAP servers:
%%{ldap_servers, ["jabber..cz"]}.
%%
%% LDAP attribute that holds user ID:
%%{ldap_uids, [{"mail", "%u@mail.example.org"}]}.
%%
%% Search base of LDAP directory:
%%{ldap_base, "dc=example,dc=com"}.
%%
%% LDAP manager:
%%{ldap_rootdn, "dc=example,dc=com"}.
%%
%% Password to LDAP manager:
%%{ldap_password, "******"}.

%%
%% Anonymous login support:
%% auth_method: anonymous
%% anonymous_protocol: sasl_anon | login_anon | both
%% allow_multiple_connections: true | false
%%
%%{host_config, "public.example.org", [{auth_method, anonymous},
%% {allow_multiple_connections, false},
%% {anonymous_protocol, sasl_anon}]}.
%%
%% To use both anonymous and internal authentication:
%%
%%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}.

%%% ==============
%%% DATABASE SETUP

%% ejabberd uses by default the internal Mnesia database,
%% so you can avoid this section.
%% This section provides configuration examples in case
%% you want to use other database backends.
%% Please consult the ejabberd Guide for details about database creation.

%%
%% MySQL server:
%%
%%{odbc_server, {mysql, "server", "database", "username", "password"}}.
%%
%% If you want to specify the port:
%%{odbc_server, {mysql, "server", 1234, "database", "username", "password"}}.

%%
%% PostgreSQL server:
%%
%%{odbc_server, {pgsql, "server", "database", "username", "password"}}.
%%
%% If you want to specify the port:
%%{odbc_server, {pgsql, "server", 1234, "database", "username", "password"}}.
%%
%% If you use PostgreSQL, have a large database, and need a
%% faster but inexact replacement for "select count(*) from users"
%%
%%{pgsql_users_number_estimate, true}.

%%
%% ODBC compatible or MSSQL server:
%%
%%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.

%%% ===============
%%% TRAFFIC SHAPERS

%%
%% The "normal" shaper limits traffic speed to 1.000 B/s
%%
{shaper, normal, {maxrate, 1000}}.

%%
%% The "fast" shaper limits traffic speed to 50.000 B/s
%%
{shaper, fast, {maxrate, 50000}}.

%%% ====================
%%% ACCESS CONTROL LISTS

%%
%% The 'admin' ACL grants administrative privileges to Jabber accounts.
%% You can put as many accounts as you want.
%%
{acl, admin, {user, "admin", "jabber..cz"}}.

%%
%% Blocked users
%%
%%{acl, blocked, {user, "baduser", "example.org"}}.
%%{acl, blocked, {user, "test"}}.

%%
%% Local users: don't modify this line.
%%
{acl, local, {user_regexp, ""}}.

%%
%% More examples of ACLs
%%
%%{acl, jabberorg, {server, "jabber.org"}}.
%%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
%%{acl, test, {user_regexp, "^test"}}.
%%{acl, test, {user_glob, "test*"}}.

%%% ============
%%% ACCESS RULES

%% Define the maximum number of time a single user is allowed to connect:
{access, max_user_sessions, [{10, all}]}.

%% This rule allows access only for local users:
{access, local, [{allow, local}]}.

%% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
{allow, all}]}.

%% For all users except admins used "normal" shaper
{access, c2s_shaper, [{none, admin},
{normal, all}]}.

%% For all S2S connections used "fast" shaper
{access, s2s_shaper, [{fast, all}]}.

%% Only admins can send announcement messages:
{access, announce, [{allow, admin}]}.

%% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.

%% Admins of this server are also admins of MUC service:
{access, muc_admin, [{allow, admin}]}.

%% All users are allowed to use MUC service:
{access, muc, [{allow, all}]}.
{access, muc_create, [{allow, local}]}.

%% In-band registration
{access, register, [{allow, all}]}.

%% Everybody can create pubsub nodes
{access, pubsub_createnode, [{allow, local}]}.

%%% ================
%%% DEFAULT LANGUAGE

%%
%% language: Default language used for server messages.
%%
{language, "en"}.

%%% =======
%%% CAPTCHA

%%
%% Full path to a script that generates the image.
%%
%%{captcha_cmd, "C:\\Program Files (x86)\\ejabberd\\priv/bin/captcha.sh"}.

%%
%% Host part of the URL sent to the user.
%%
%%{captcha_host, "example.org:5280"}.

%%% =======
%%% MODULES

%%
%% Modules enabled in all ejabberd virtual hosts.
%%
{modules,
[
{mod_adhoc, []},
{mod_announce, [{access, announce}]}, % requires mod_adhoc
{mod_caps, []},
{mod_configure,[]}, % requires mod_adhoc
{mod_disco, []},
%%{mod_echo, [{host, "echo.jabber..cz"}]},
{mod_http_bind,[]},
%%{mod_http_fileserver, [
%% {docroot, "C:\\Program Files (x86)\\ejabberd\\www"},
%% {accesslog, "C:\\Program Files (x86)\\ejabberd\\www/webaccess.log"},
%% {content_types, [{".htm", "text/html"}]},
%% {directory_indices, ["index.html", "index.htm"]}
%%]},
{mod_irc, []},
{mod_last, []},
{mod_muc, [
%%{host, "conference.@HOST@"},
{access, muc},
{access_create, muc_create},
{access_persistent, muc_create},
{access_admin, muc_admin}
]},
%%{mod_muc_log,[]},
{mod_logxml, [
{stanza, [iq, message, presence, other]},
{direction, [internal, vhosts, externa]},
{orientation, [send, recv]},
{logdir, "C:/Program Files (x86)/ejabberd/logs/mod_logxml/"},
{rotate_days, 1},
{rotate_megs, 100},
{rotate_kpackets, no},
{timezone, local},
{check_rotate_kpackets, 1}
]},
{mod_offline, []},
{mod_privacy, []},
{mod_private, []},
{mod_proxy65,[]},

{mod_pubsub, [ % requires mod_caps
{access_createnode, pubsub_createnode},
{ignore_pep_from_offline, true},
{last_item_cache, false},
{plugins, ["flat", "hometree", "pep"]}
]},
{mod_register, [
%%
%% After successful registration, the user receives
%% a message with this subject and body.
%%
{welcome_message, {"Welcome!",
"Welcome to this Jabber server."}},

%%
%% When a user registers, send a notification to
%% these Jabber accounts.
%%
%%{registration_watchers, ["admin1@example.org"]},

{access, register}
]},
{mod_roster, []},
%%{mod_service_log,[]},
{mod_shared_roster,[]},
%%{mod_stats, []},
{mod_time, []},
{mod_vcard, []},
{mod_version, []}
]}.

%%% $Id: ejabberd.cfg.example 1073 2007-12-17 11:03:22Z badlop $

%%% Local Variables:
%%% mode: erlang
%%% End:
%%% vim: set filetype=erlang tabstop=8:

Pontiac wrote: But: if I

Pontiac wrote:

But: if I verify with telnet whether the port 7777 is open it looks like it is not. What am I missing?

I compiled and installed ejabberd 2.1.3 in Linux, configured the module like you (no custom options). When I start ejabberd, it shows those messages in the log files, which indicate that ejabberd started the module, the listener, etc:

...
=PROGRESS REPORT==== 17-May-2010::11:22:02 ===
          supervisor: {local,ejabberd_sup}    
             started: [{pid,<0.299.0>},       
                       {name,mod_proxy65_stream_sup},
                       {mfa,                         
                           {ejabberd_tmp_sup,start_link,
                               [mod_proxy65_stream_sup,mod_proxy65_stream]}},
                       {restart_type,permanent},                             
                       {shutdown,infinity},                                  
                       {child_type,supervisor}]                              

=PROGRESS REPORT==== 17-May-2010::11:22:02 ===
          supervisor: {local,ejabberd_listeners}
             started: [{pid,<0.300.0>},         
                       {name,{7777,{127,0,0,1},tcp}},
                       {mfa,                         
                           {ejabberd_listener,start, 
                               [{7777,{127,0,0,1},tcp},
                                mod_proxy65_stream,    
                                ["localhost"]]}},      
                       {restart_type,transient},       
                       {shutdown,brutal_kill},         
                       {child_type,worker}]            

=PROGRESS REPORT==== 17-May-2010::11:22:02 ===
          supervisor: {local,ejabberd_mod_proxy65_localhost}
             started: [{pid,<0.302.0>},                     
                       {name,mod_proxy65_sm},               
                       {mfa,{mod_proxy65_sm,start_link,["localhost",[]]}},
                       {restart_type,transient},                          
                       {shutdown,5000},                                   
                       {child_type,worker}]                               

=PROGRESS REPORT==== 17-May-2010::11:22:02 ===
          supervisor: {local,ejabberd_mod_proxy65_localhost}
             started: [{pid,<0.305.0>},                     
                       {name,ejabberd_mod_proxy65_sup},     
                       {mfa,                                
                           {ejabberd_tmp_sup,start_link,    
                               [ejabberd_mod_proxy65_sup_localhost,
                                mod_proxy65_stream]}},             
                       {restart_type,transient},                   
                       {shutdown,infinity},                        
                       {child_type,supervisor}]                    

=PROGRESS REPORT==== 17-May-2010::11:22:02 ===
          supervisor: {local,ejabberd_mod_proxy65_localhost}
             started: [{pid,<0.306.0>},                     
                       {name,mod_proxy65_service},          
                       {mfa,{mod_proxy65_service,start_link,["localhost",[]]}},
                       {restart_type,transient},                               
                       {shutdown,5000},                                        
                       {child_type,worker}]                                    

=PROGRESS REPORT==== 17-May-2010::11:22:02 ===
          supervisor: {local,ejabberd_sup}    
             started: [{pid,<0.301.0>},       
                       {name,ejabberd_mod_proxy65_localhost},
                       {mfa,{mod_proxy65,start_link,["localhost",[]]}},
                       {restart_type,transient},                       
                       {shutdown,infinity},                            
                       {child_type,supervisor}]                        

Then I looked what ports is ejabberd listening:

$ netstat -nlp | grep beam | sort
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 0.0.0.0:38320           0.0.0.0:*               LISTEN      21666/beam.smp
tcp        0      0 0.0.0.0:4560            0.0.0.0:*               LISTEN      21666/beam.smp
tcp        0      0 0.0.0.0:5222            0.0.0.0:*               LISTEN      21666/beam.smp
tcp        0      0 0.0.0.0:5223            0.0.0.0:*               LISTEN      21666/beam.smp
tcp        0      0 0.0.0.0:5269            0.0.0.0:*               LISTEN      21666/beam.smp
tcp        0      0 0.0.0.0:5280            0.0.0.0:*               LISTEN      21666/beam.smp
tcp        0      0 0.0.0.0:5282            0.0.0.0:*               LISTEN      21666/beam.smp
tcp        0      0 127.0.0.1:7777          0.0.0.0:*               LISTEN      21666/beam.smp

As you can see, the port 7777 is only listened in the local address 127.0.0.1, not in all.

Then I try a connection, and telnet fortunately uses the local address, so the connection works:

$ telnet localhost 7777
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
asdasd
Connection closed by foreign host.

ejabberd logs in ejabberd.log:

=INFO REPORT==== 17-May-2010::11:22:05 ===
I(<0.300.0>:ejabberd_listener:232) : (#Port<0.3908>) Accepted connection
   {{127,0,0,1},59976} -> {{127,0,0,1},7777}

If you want the proxy to listen in all addresses, you can configure:

  {mod_proxy65,[ {ip, {0,0,0,0}} ]},

Works!

Thank you! The proxy was really bound to the local address only and therefore it would not accept connections from the outside. But once I changed the config your way it started listening on 0.0.0.0:7777 and is accepting connections now.

Syndicate content