Subsonic Forum

[EddyB]

Hello

I've just installed subsonic on my debian.
When i run all the listening connections i get :

java 31264 pi 102u IPv4 203187 0t0 UDP *:1900
java 31264 pi 104u IPv4 203190 0t0 TCP 192.168.0.254:41443 (LISTEN)
java 31264 pi 105u IPv4 203191 0t0 UDP 192.168.0.254:46282
java 31264 pi 110u IPv4 202217 0t0 TCP 192.168.0.254:4040 (LISTEN)
java 31264 pi 111u IPv4 203237 0t0 TCP *:9412 (LISTEN)
java 31264 pi 112u IPv4 203238 0t0 TCP *:43773 (LISTEN)
java 31264 pi 113u IPv4 229724 0t0 TCP 192.168.0.254:4040->192.168.0.15:46597 (ESTABLISHED)
java 31264 pi 114u IPv4 220040 0t0 TCP 192.168.0.254:4040->192.168.0.15:46431 (ESTABLISHED)

Subsonic runs on the 4040 tcp port, I would like to disable ALL other listening connections which are useless?
But how to do it ??!!

[acroyear]

You can't (except maybe the UDP 1900 incoming, which I believe is UPNP and you can turn that off in your Settings page).

Those are internal ports that Apache and/or Jetty are using for peer-to-peer communication. They're designed for when different parts or clones of the server can sit on different machines for load balancing, but generally it is rare anybody configures things to do that outside of a major Enterprise production environment.

But even if it is all on the same machine, it still uses those networkings for the internal communication rather than trying to implement two different communication means (there's little performance gain so it isn't worth rewriting - yes, i've seen the code there years ago), and disabling them basically breaks the service.

The ports are 'random' (well, allocated from a random starting point), and usually in odd number ranges so a firewall blocks them from the outside world. So long as you have a firewall on your router and only 4040 gets to the outside, those ports can't be attacked. If using automatic port forwarding, only the 4040 is going to be opened up.