Port Numbers in JIRA

#######################################

[root@jiraapp01 abc012]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eno16780032
sources:
services: dhcpv6-client http https ssh
ports: 8090/tcp 8443/tcp 8005/tcp 8080/tcp
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:
#######################################

Any other ports need to be open ? Like SMTP for email communications
Port 80 ?

Thanks,
Nav

1 comment

Incoming ports only need to have the port you want users to access JIRA on.

Outgoing - depends on what you want to connect JIRA to - SMTP, IMAP, POP, other Atlassian stuff like Hipchat, Bitbucket or Confluence etc.  They all run on other ports, so you'll be needing to allow JIRA to go out over them

Thank you Nic, We have JIRA and Confluence Applications here in our company. We are planning for JIRA/Confluence Migration/Upgrade. Is port 80 necessary to be open ? 

 

Thanks,

Nav

Is there any way to find from the JIRA application UI to find what all ports are open ?

Thanks,

Nav

It depends on what port you choose to run it on.  The default is 8080, but a lot of us relocate it.  Often with proxy throwing it over to a standard port, so the users and urls aren't required to give the port every time (As an example, almost all browsers assume port 80 if you use http in the urls, and port 443 if it's https)

The JIRA application doesn't expose it, but if you are using a non-standard port, it will be in the base url.

Great !! Thanks Nic. 

How can I find out which firewall ports need to be  open while migrating/upgrading the JIRA to the target PROD environment.

Do I need to give the below information to Firewall team and let them know to keep all these below things as same.. ? 

For ex. If we have JIRA application interacting with BitBucket there  should be a firewall port opened between these both ?

Please suggest.

Also, when I checked my current production server of JIRA using the below command.

iptables -nL
======== 
I got below output(Attached the screenshot)

Thanks,
Nav


ACCEPT all -- 147.144.20.234 147.144.20.234
ACCEPT all -- 147.144.20.234 127.0.0.1
ACCEPT all -- 127.0.0.1 127.0.0.1
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
OverrideIN all -- 0.0.0.0/0 0.0.0.0/0
WebserverIN all -- 0.0.0.0/0 0.0.0.0/0
SystemDefaultIN all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4
ossecIN all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 147.144.20.234 147.144.20.234
ACCEPT all -- 147.140.20.214 127.0.0.1
ACCEPT all -- 127.0.0.1 127.0.0.1
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
OverrideOUT all -- 0.0.0.0/0 0.0.0.0/0
WebserverOUT all -- 0.0.0.0/0 0.0.0.0/0
SystemDefaultOUT all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4
ossecOUT all -- 0.0.0.0/0 0.0.0.0/0

Chain OverrideIN (1 references)
target prot opt source destination
ACCEPT tcp -- 147.140.20.41 0.0.0.0/0 tcp dpt:80
ACCEPT tcp -- 10.184.22.39 0.0.0.0/0 tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0 0.0/0 tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
ACCEPT all -- 147.140.20.172 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8090
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
ACCEPT all -- 147.140.45.235 0.0.0.0/0
ACCEPT tcp -- 10.187.12.129 0.0.0.0/0 tcp dpt:8443
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:161
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:161
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:161
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:161
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:161

Chain OverrideOUT (1 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 147.140.45

>How can I find out which firewall ports need to be  open 

Assuming you want to use the systems raw, on their current ports (which means your users will be using urls with ports named in them, like https://ourjira.ourcompany:8080 ), then, while the applications are running a simple

netstat -plant

will list all open listening ports on a server.

Thank you Nic. That was helpful

Comment

Log in or Sign up to comment
Atlassian Community Anniversary

Happy Anniversary, Atlassian Community!

This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.

Read more
Community showcase
Julia Dillon
Posted Tuesday in Jira

Tell us how your team runs on Jira!

Hey Atlassian Community! Today we are launching a bunch of customer stories about the amazing work teams, like Dropbox and Twilio, are doing with Jira. You can check out the stories here. The thi...

166 views 1 17
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you