diff --git a/doc/ports.md b/doc/ports.md index 89c93d3d9f6219b104f64f7cc72d4eee648defaa..92753f7a7de6dc96582ace2bdd2766a8e6567ac8 100644 --- a/doc/ports.md +++ b/doc/ports.md @@ -10,7 +10,7 @@ The list of TCP ports used in SOCtools, as available from the outside: | 6443 | MISP | | 8888 | haproxy-stats (login: `haproxy`, password is in `secrets/passwords/haproxy`) | 9000 | TheHive | -| 9001 | Cortex | +| 9001 | Cortex | | 9443 | NiFi web GUI | | 12443 | Keycloak | @@ -23,13 +23,33 @@ The following port ranges are opened by haproxy to allow receiving data from ext TODO -Notes: According to haproxy.cfg, the followng ports are forwarded to NiFi: +NOTES-1: According to haproxy.cfg, the followng ports are forwarded to NiFi: - 7750-7760 (tcp) - 7771 (tcp) - 5000-5020 (http) - 6000-6020 (tcp) In fact, I can connect (using `nc`) to these ports 7750, 5000-5099, 6000-6099 (i.e. not 7751-7760, 7771; on the other hand, the 50??,60?? ranges are wider, I don't know where they are pointed to). +NOTES-2: haproxy container is listening on following ports: +- 0.0.0.0:443->443/tcp +- 0.0.0.0:5000-5099->5000-5099/tcp +- 0.0.0.0:6000-6099->6000-6099/tcp +- 0.0.0.0:7750->7750/tcp +- 0.0.0.0:8443->8443/tcp +- 0.0.0.0:8888->8888/tcp +- 0.0.0.0:9000-9001->9000-9001/tcp +- 0.0.0.0:9200->9200/tcp +- 0.0.0.0:9443->9443/tcp + +NOTES-3: From haproxy.cfg, following ports should go through haproxy, but are actually only monitored from haproxy container: +| 8888 | haproxy-stats | +| 9000 | TheHive | +| 9001 | Cortex | +| 9200 | ODFEES | +| 9443 | NiFi web GUI | +| 12443 | Keycloak | - incorectly configured frontend on port 10443 + + Ports already used or reserved for ingesting specific data into the system via NiFi: