Port Numbers in JIRA

Thank you Nic, We have JIRA and Confluence Applications here in our company. We are planning for JIRA/Confluence Migration/Upgrade. Is port 80 necessary to be open ? 

Thanks,

Nav

Is there any way to find from the JIRA application UI to find what all ports are open ?

Thanks,

Nav

It depends on what port you choose to run it on.  The default is 8080, but a lot of us relocate it.  Often with proxy throwing it over to a standard port, so the users and urls aren't required to give the port every time (As an example, almost all browsers assume port 80 if you use http in the urls, and port 443 if it's https)

The JIRA application doesn't expose it, but if you are using a non-standard port, it will be in the base url.

Great !! Thanks Nic. 

How can I find out which firewall ports need to be  open while migrating/upgrading the JIRA to the target PROD environment.

Do I need to give the below information to Firewall team and let them know to keep all these below things as same.. ? 

For ex. If we have JIRA application interacting with BitBucket there  should be a firewall port opened between these both ?

Please suggest.

Also, when I checked my current production server of JIRA using the below command.

iptables -nL
======== 
I got below output(Attached the screenshot)

Thanks,
Nav

ACCEPT all -- 147.144.20.234 147.144.20.234
ACCEPT all -- 147.144.20.234 127.0.0.1
ACCEPT all -- 127.0.0.1 127.0.0.1
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
OverrideIN all -- 0.0.0.0/0 0.0.0.0/0
WebserverIN all -- 0.0.0.0/0 0.0.0.0/0
SystemDefaultIN all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4
ossecIN all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 147.144.20.234 147.144.20.234
ACCEPT all -- 147.140.20.214 127.0.0.1
ACCEPT all -- 127.0.0.1 127.0.0.1
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
OverrideOUT all -- 0.0.0.0/0 0.0.0.0/0
WebserverOUT all -- 0.0.0.0/0 0.0.0.0/0
SystemDefaultOUT all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4
ossecOUT all -- 0.0.0.0/0 0.0.0.0/0

Chain OverrideIN (1 references)
target prot opt source destination
ACCEPT tcp -- 147.140.20.41 0.0.0.0/0 tcp dpt:80
ACCEPT tcp -- 10.184.22.39 0.0.0.0/0 tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0 0.0/0 tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
ACCEPT all -- 147.140.20.172 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8090
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
ACCEPT all -- 147.140.45.235 0.0.0.0/0
ACCEPT tcp -- 10.187.12.129 0.0.0.0/0 tcp dpt:8443
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:161
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:161
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:161
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:161
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:161

Chain OverrideOUT (1 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 147.140.45

>How can I find out which firewall ports need to be  open 

Assuming you want to use the systems raw, on their current ports (which means your users will be using urls with ports named in them, like https://ourjira.ourcompany:8080 ), then, while the applications are running a simple

netstat -plant

will list all open listening ports on a server.

Thank you Nic. That was helpful