Configurable host/IP for file transfers (streamhost / port 7777)
Description
Openfire uses its (internal) IP address when sending a streamhost host. This does not work when NAT is used and public clients are connected. They can not connect to 192.168.0.0/24 or 10.0.0.0/8 IP addresses.
Openfire should still use the private IP address to open the listen socket but in the xmpp packets it should use the host name or a configured IP address.
Using the DNS name may be problematic as we can not guarantee that the public DNS entry uses an A/AAAA record. Likely Openfire can not verify this as it connects to an internal DNS server. (http://xmpp.org/extensions/xep-0065.html - Note: If the value of the 'host' attribute is a DNS domain name, it MUST be resolvable to the IP address on which the Proxy (or an instance thereof) is hosted using an A or AAAA lookup.)
==> Keep using the private IP address but add an option to enter a custom value (IP address or host name) and add the XEP documentation (A lookup) to the Openfire file transfer page.
Environment
Openfire in LAN with private IP, clients connecting via NAT / public IP
I've provided an additional change. It re-purposes the 'xmpp.proxy.externalip' property. Earlier, this was used to make the proxy bind to a specific interface. As this is quite similar to the functionality provided by the 'network.interface' property, 'xmpp.proxy.externalip' now controls only what interface is reported. It no longer affect the interface binding process directly. This functionality has also been added to the admin console.
Guus der Kinderen December 18, 2016 at 3:27 PM
Commentary: OF-1170. We should retest this though.
Daryl Herzmann November 20, 2016 at 7:40 PM
I think Guus has this fixed for the upcoming 4.1 release. I have assigned it to him for commentary...
LG February 15, 2014 at 9:13 PM
I think so, but I don't know.
Daryl Herzmann February 13, 2014 at 9:36 PM
Is this issue still happening on a current release (3.9.1)?
Openfire uses its (internal) IP address when sending a streamhost host. This does not work when NAT is used and public clients are connected. They can not connect to 192.168.0.0/24 or 10.0.0.0/8 IP addresses.
Openfire should still use the private IP address to open the listen socket but in the xmpp packets it should use the host name or a configured IP address.
Using the DNS name may be problematic as we can not guarantee that the public DNS entry uses an A/AAAA record. Likely Openfire can not verify this as it connects to an internal DNS server. (http://xmpp.org/extensions/xep-0065.html - Note: If the value of the 'host' attribute is a DNS domain name, it MUST be resolvable to the IP address on which the Proxy (or an instance thereof) is hosted using an A or AAAA lookup.)
==>
Keep using the private IP address but add an option to enter a custom value (IP address or host name) and add the XEP documentation (A lookup) to the Openfire file transfer page.