second take on trying to get a xmpp server (OpenFire, Java) client (Pidgin, C (C#, Perl, Python, Tcl are used for plugins)) up and running.

at least this time with partial luck (was able to login via pidgin) but it feels buggy and overly complicated X-D (especially compared to mumble (yes xmpp probably can do way more, mumble can only do audio (with many many users) and chat)

also: the naming is kind of… suboptimal “openfire” like “open fire” (on whom?) open uncontrolled fires are dangerous X-D (maybe that is what the name implies)

non-working java based server applications are not dangerous at all, just annoying

at least: unless other RAM hungry Java programs, it can be run on a vps with as little as 512 MBytes of RAM

why is this so complicated?

ain’t workin X-D

hostnamectl; # tested on
    Virtualization: kvm
  Operating System: CentOS Linux 7 (Core)
       CPE OS Name: cpe:/o:centos:centos:7
            Kernel: Linux 5.1.0
      Architecture: x86-64

mkdir /software
cd /software
wget https://download.igniterealtime.org/openfire/openfire-4.6.0-0.2.beta.x86_64.rpm
yum install -y openfire-4.6.0-0.2.beta.x86_64.rpm 

firewalling

depending on if user uses iptables: (should work instantly)

# http://ip-or-domain-of-server.com:9090
/sbin/iptables -I INPUT -p tcp -m tcp --dport 9090 -j ACCEPT
# https admin console (preferred)
# https://ip-or-domain-of-server.com:9091
/sbin/iptables -I INPUT -p tcp -m tcp --dport 9091 -j ACCEPT
# ports where clients connect (plain-text (with STARTTLS))
/sbin/iptables -I INPUT -p tcp -m tcp --dport 5222 -j ACCEPT

or firewalld:

firewall-cmd --permanent --zone=public --add-port=9090/tcp
firewall-cmd --permanent --zone=public --add-port=9091/tcp
firewall-cmd --permanent --zone=public --add-port=5222/tcp
# submit changes
firewall-cmd --reload

or both? X-D

startup:

can not connect if started per default/autostart/system.

had to:

systemctl stop openfire.service
# manual startup
/opt/openfire/bin/openfire.sh

then was able to connect: pidgin openfire first contact X-D

 

 

 

hurray: connected… can chat with oneself X-D

web admin console:

xmpp: openfire: many many ports:

Server Ports
Interface Port Type Description
All addresses 5222 This port uses SSL to encrypt traffic over the network Client to Server The standard port for clients to connect to the server. On this port plain-text connections are established, which, depending on configurable security settings, can (or must) be upgraded to encrypted connections.
All addresses 5223 This port uses SSL to encrypt traffic over the network Client to Server The port used for clients to connect to the server using the old SSL/TLS method. Connections established on this port are established using a pre-encrypted connection. This type of connectivity is commonly referred to as the “old-style” or “legacy” method of establishing encrypted connections. Configuration details can be modified in the security settings.
All addresses 7070 HTTP Binding The port used for unsecured HTTP client connections.
All addresses 7443 This port uses SSL to encrypt traffic over the network HTTP Binding The port used for secured HTTP client connections.
All addresses 5269 This port uses SSL to encrypt traffic over the network Server to Server The port used for remote servers to connect to this server. On this port plain-text connections are established, which, depending on configurable security settings, can (or must) be upgraded to encrypted connections.
All addresses 5270 This port uses SSL to encrypt traffic over the network Server to Server The port used for remote servers to connect to this server. Connections established on this port are established using a pre-encrypted connection. This type of connectivity is commonly referred to as the “old-style” or “legacy” method of establishing encrypted connections. Configuration details can be modified in the security settings.
All addresses 5275 This port uses SSL to encrypt traffic over the network External Components The port used for external components to connect to the server. On this port plain-text connections are established, which, depending on configurable security settings, can (or must) be upgraded to encrypted connections.
All addresses 5276 This port uses SSL to encrypt traffic over the network External Components The port used for external components to the server using the old SSL/TLS method. Connections established on this port are established using a pre-encrypted connection. This type of connectivity is commonly referred to as the “old-style” or “legacy” method of establishing encrypted connections. Configuration details can be modified in the security settings.
All addresses 5262 This port uses SSL to encrypt traffic over the network Connection Manager The port used for connection managers to connect to the server. On this port plain-text connections are established, which, depending on configurable security settings, can (or must) be upgraded to encrypted connections.
All addresses 5263 This port uses SSL to encrypt traffic over the network Connection Manager The port used for connection managers to the server using the old SSL/TLS method. Connections established on this port are established using a pre-encrypted connection. This type of connectivity is commonly referred to as the “old-style” or “legacy” method of establishing encrypted connections. Configuration details can be modified in the security settings.
All addresses 9090 Admin Console The port used for unsecured Admin Console access.
All addresses 9091 This port uses SSL to encrypt traffic over the network Admin Console The port used for secured Admin Console access.
All addresses 7777 File Transfer Proxy The port used for the proxy service that allows file transfers to occur between two entities on the XMPP network.
All addresses 5229 Flash Cross Domain Service that allows Flash clients connect to other hostnames and ports.

pidgin version used:

Pidgin 2.13.0 (libpurple 2.13.0)
f07927902113041d6fa291293d9205ea4f05e9e6

Pidgin is a messaging client based on libpurple which is capable of connecting to multiple messaging services at once. Pidgin is written in C using GTK+.

Pidgin is released, and may be modified and redistributed, under the terms of the GPL version 2 (or later).

A copy of the GPL is distributed with Pidgin.

Pidgin is copyrighted by its contributors, a list of whom is also distributed with Pidgin.

There is no warranty for Pidgin.

Helpful Resources
Website
Frequently Asked Questions
IRC Channel: #pidgin on irc.freenode.net
XMPP MUC: devel@conference.pidgin.im

Help for Oracle Employees is available from your normal internal helpdesk or IT department. The Pidgin developer and user communities cannot assist you in the configuration or use of Pidgin within Oracle, as we know nothing of Oracle’s infrastructure.

Help from other Pidgin users is available by emailing support@pidgin.im
This is a public mailing list! (archive)
We can’t help with third-party protocols or plugins!
This list’s primary language is English. You are welcome to post in another language, but the responses may be less helpful.

might be interesting to debug problems client side:

help debugging problems scripts server side:

# follow changes to system logs
find /var/log/* -type f \( -name "*" \) ! -path '*.gz*' -exec tail -n0 -f "$file" {} + | ccze

# follow changes to openfire logs
# (of course those need to be java style in their own directory) X-D
find /opt/openfire/logs/ -type f \( -name "*" \) ! -path '*.gz*' -exec tail -n0 -f "$file" {} + | ccze

Links:

https://imfreedom.org/

liked this article?

  • only together we can create a truly free world
  • plz support dwaves to keep it up & running!
  • (yes the info on the internet is (mostly) free but beer is still not free (still have to work on that))
  • really really hate advertisement
  • contribute: whenever a solution was found, blog about it for others to find!
  • talk about, recommend & link to this blog and articles
  • thanks to all who contribute!
admin