[jboss-jira] [JBoss JIRA] (WFCORE-4763) interface "any" tag not working as expected

Brian Stansberry (Jira) issues at jboss.org
Thu Dec 12 18:23:00 EST 2019 

    [ https://issues.redhat.com/browse/WFCORE-4763?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13825040#comment-13825040 ] 

Brian Stansberry commented on WFCORE-4763:
------------------------------------------

Hi [~assylias] The `<any/>` behavior is by design. It's true, using `<any-address/>` is a workaround to achieve what you want, but with the downside of having the socket reachable via other addresses on the host.

I filed https://github.com/wildfly/wildfly/pull/12848 to help clarify this point in the WildFly docs.

> interface "any" tag not working as expected
> -------------------------------------------
>
>                 Key: WFCORE-4763
>                 URL: https://issues.redhat.com/browse/WFCORE-4763
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Management
>         Environment: Ubuntu 18.02
>            Reporter: Yann Le Tallec
>            Priority: Major
>
> The {{<any>}} tag in the {{interface}} configuration of {{standalone.xml}} should accept any connection that matches ANY of the provided rules. This is not the case as demonstrated by the example below.
> This configuration allows to run {{jboss-cli.sh -c}} from the machine where wildfly is running as expected:
> {code:xml}
>     <interfaces>
>         <interface name="management">
>             <any>
>                 <inet-address value="127.0.0.1"/>
>             </any>
>         </interface>
>     </interfaces>
> {code}
> But if I add another (VALID) IP address inside the any tag, I can't connect any more:
> {code:xml}
>     <interfaces>
>         <interface name="management">
>             <any>
>                 <inet-address value="127.0.0.1"/>
>                 <inet-address value="10.20.230.26"/>
>             </any>
>         </interface>
>     </interfaces>
> {code}
> With the latter configuration, {{connect}} fails with the following error:
> {noformat}
> >The controller is not available at localhost:9990: java.net.ConnectException: WFLYPRT0053: Could not connect to remote+http://localhost:9990. The connection failed: WFLYPRT0053: Could not connect to remote+http://localhost:9990. The connection failed: Connection refused
> {noformat}
> Note: to easily reproduce the problem from the cli, starting from a fresh standalone install:
> {code:bash}
> connect
> /interface=management:undefine-attribute(name=inet-address)
> /interface=management:undefine-attribute(name=any)
> /interface=management:write-attribute(name=any,value={inet-address=[127.0.0.1]})
> reload
> /interface=management:write-attribute(name=any,value={inet-address=[127.0.0.1,10.20.230.26]})
> reload
> {code}
> Notes:
> - 10.20.230.26 must be a reachable IP - if I use a random one I can connect normally.
> - if I use {{subnet-match}} I get the same issue



--
This message was sent by Atlassian Jira
(v7.13.8#713008)

More information about the jboss-jira mailing list