Jenkins listens on weird ports
I use Centos 6.5 and Jenkins 1.547. I installed Jenkins as outlined in Jenkins's wiki.
I configured Jenkins to listen on local port 8081.
netstat -tulpn reveals that Jenkins additionally listens on more ports (PID 981 being the running Jenkins process):
$ netstat -tulpn | grep 981
tcp 0 0 :::41613 :::* LISTEN 981/java
tcp 0 0 ::ffff:127.0.0.1:8081 :::* LISTEN 981/java
tcp 0 0 :::43586 :::* LISTEN 981/java
udp 0 0 :::33848 :::* 981/java
udp 0 0 :::5353 :::* 981/java
I am wondering about the purpose of those additional ports. Also, these ports are reachable from the outside, i.e. an outside nmap scan shows these ports being open.
How can I configure Jenkins to only listen on local port 8081?
There is an open issue in Jenkin's bugtracker which outlines the steps to follow in order to close all undesired ports:
- In Jenkins' web interface, under Dashboard → Manage Jenkins → Configure System → SSH Server, select Disable.
- In Jenkins' web interface, under Dashboard → Manage Jenkins → Configure Global Security → TCP port for JNLP slave agents, select Disable.
- Assuming Jenkins starts up via
/etc/init.d/jenkinsas an unprivileged user, then edit the configuration file/etc/sysconfig/jenkins, locateJENKINS_JAVA_OPTIONSand add-Dhudson.DNSMultiCast.disabled=true -Dhudson.udp=1023(... e.g. assuming it currently readsJENKINS_JAVA_OPTIONS="-Djava.awt.headless=true", then change it toJENKINS_JAVA_OPTIONS="-Djava.awt.headless=true -Dhudson.DNSMultiCast.disabled=true -Dhudson.udp=1023")