rodgoslin wrote:There is a suggestion on one of the pages to check /etc/services, which does give me long list of port numbers, but 51413 /udp and 51413/tcp are not included.
iptables -L
[root@down rod]# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
Ifw all -- anywhere anywhere
net-fw all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix "Shorewall:INPUT:REJECT:"
reject all -- anywhere anywhere [goto]
Chain FORWARD (policy DROP)
target prot opt source destination
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix "Shorewall:FORWARD:REJECT:"
reject all -- anywhere anywhere [goto]
Chain OUTPUT (policy DROP)
target prot opt source destination
fw-net all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix "Shorewall:OUTPUT:REJECT:"
reject all -- anywhere anywhere [goto]
Chain Broadcast (2 references)
target prot opt source destination
DROP all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
DROP all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST
DROP all -- anywhere anywhere ADDRTYPE match dst-type ANYCAST
Chain Drop (1 references)
target prot opt source destination
all -- anywhere anywhere
Broadcast all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp fragmentation-needed /* Needed ICMP types */
ACCEPT icmp -- anywhere anywhere icmp time-exceeded /* Needed ICMP types */
DROP all -- anywhere anywhere ctstate INVALID
DROP udp -- anywhere anywhere multiport dports loc-srv,microsoft-ds /* SMB */
DROP udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn /* SMB */
DROP udp -- anywhere anywhere udp spt:netbios-ns dpts:1024:65535 /* SMB */
DROP tcp -- anywhere anywhere multiport dports loc-srv,netbios-ssn,microsoft-ds /* SMB */
DROP udp -- anywhere anywhere udp dpt:1900 /* UPnP */
DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
DROP udp -- anywhere anywhere udp spt:domain /* Late DNS Replies */
Chain Ifw (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere match-set ifw_wl src
DROP all -- anywhere anywhere match-set ifw_bl src
IFWLOG all -- anywhere anywhere ctstate INVALID,NEWpsd weight-threshold: 10 delay-threshold: 10000 lo-ports-weight: 2 hi-ports-weight: 1 IFWLOG prefix 'SCAN'
IFWLOG udp -- anywhere anywhere ctstate NEW udp dpt:sunrpcIFWLOG prefix 'NEW'
IFWLOG udp -- anywhere anywhere ctstate NEW udp dpt:nfsIFWLOG prefix 'NEW'
IFWLOG udp -- anywhere anywhere ctstate NEW udp dpt:4002IFWLOG prefix 'NEW'
IFWLOG udp -- anywhere anywhere ctstate NEW udp dpt:4001IFWLOG prefix 'NEW'
IFWLOG udp -- anywhere anywhere ctstate NEW udp dpt:4003IFWLOG prefix 'NEW'
IFWLOG udp -- anywhere anywhere ctstate NEW udp dpt:4004IFWLOG prefix 'NEW'
IFWLOG udp -- anywhere anywhere ctstate NEW udp dpt:ippIFWLOG prefix 'NEW'
IFWLOG udp -- anywhere anywhere ctstate NEW multiport dports 6881:6999IFWLOG prefix 'NEW'
IFWLOG udp -- anywhere anywhere ctstate NEW udp dpt:51413IFWLOG prefix 'NEW'
IFWLOG tcp -- anywhere anywhere ctstate NEW tcp dpt:sunrpcIFWLOG prefix 'NEW'
IFWLOG tcp -- anywhere anywhere ctstate NEW tcp dpt:nfsIFWLOG prefix 'NEW'
IFWLOG tcp -- anywhere anywhere ctstate NEW tcp dpt:4002IFWLOG prefix 'NEW'
IFWLOG tcp -- anywhere anywhere ctstate NEW tcp dpt:4001IFWLOG prefix 'NEW'
IFWLOG tcp -- anywhere anywhere ctstate NEW tcp dpt:4003IFWLOG prefix 'NEW'
IFWLOG tcp -- anywhere anywhere ctstate NEW tcp dpt:4004IFWLOG prefix 'NEW'
IFWLOG tcp -- anywhere anywhere ctstate NEW tcp dpt:ippIFWLOG prefix 'NEW'
IFWLOG tcp -- anywhere anywhere ctstate NEW multiport dports 6881:6999IFWLOG prefix 'NEW'
IFWLOG tcp -- anywhere anywhere ctstate NEW tcp dpt:51413IFWLOG prefix 'NEW'
Chain Reject (3 references)
target prot opt source destination
all -- anywhere anywhere
Broadcast all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp fragmentation-needed /* Needed ICMP types */
ACCEPT icmp -- anywhere anywhere icmp time-exceeded /* Needed ICMP types */
DROP all -- anywhere anywhere ctstate INVALID
reject udp -- anywhere anywhere multiport dports loc-srv,microsoft-ds /* SMB */
reject udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn /* SMB */
reject udp -- anywhere anywhere udp spt:netbios-ns dpts:1024:65535 /* SMB */
reject tcp -- anywhere anywhere multiport dports loc-srv,netbios-ssn,microsoft-ds /* SMB */
DROP udp -- anywhere anywhere udp dpt:1900 /* UPnP */
DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
DROP udp -- anywhere anywhere udp spt:domain /* Late DNS Replies */
Chain dynamic (1 references)
target prot opt source destination
Chain fw-net (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
Chain logdrop (0 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain logflags (5 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level info ip-options prefix "Shorewall:logflags:DROP:"
DROP all -- anywhere anywhere
Chain logreject (0 references)
target prot opt source destination
reject all -- anywhere anywhere
Chain net-fw (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere ctstate INVALID,NEW,UNTRACKED
tcpflags tcp -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere multiport dports sunrpc,nfs,4002,4001,4003,4004,ipp,6881:6999,51413
ACCEPT udp -- anywhere anywhere multiport dports sunrpc,nfs,4002,4001,4003,4004,ipp,6881:6999,51413
Drop all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix "Shorewall:net-fw:DROP:"
DROP all -- anywhere anywhere
Chain reject (8 references)
target prot opt source destination
DROP all -- anywhere anywhere ADDRTYPE match src-type BROADCAST
DROP all -- base-address.mcast.net/4 anywhere
DROP igmp -- anywhere anywhere
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable
REJECT icmp -- anywhere anywhere reject-with icmp-host-unreachable
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain shorewall (0 references)
target prot opt source destination
all -- anywhere anywhere recent: SET name: %CURRENTTIME side: source mask: 255.255.255.255
Chain tcpflags (1 references)
target prot opt source destination
logflags tcp -- anywhere anywhere [goto] tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG
logflags tcp -- anywhere anywhere [goto] tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
logflags tcp -- anywhere anywhere [goto] tcp flags:SYN,RST/SYN,RST
logflags tcp -- anywhere anywhere [goto] tcp flags:FIN,SYN/FIN,SYN
logflags tcp -- anywhere anywhere [goto] tcp spt:0 flags:FIN,SYN,RST,ACK/SYN
[root@down rod]#
rodgoslin wrote:Chain net-fw (1 references)
target prot opt source destination
[...]
ACCEPT tcp -- anywhere anywhere multiport dports sunrpc,nfs,4002,4001,4003,4004,ipp,6881:6999,51413
ACCEPT udp -- anywhere anywhere multiport dports sunrpc,nfs,4002,4001,4003,4004,ipp,6881:6999,51413
nmap -p 51413 127.0.0.1
[root@down rod]# nmap -p 51413 127.0.0.1
Starting Nmap 6.47 ( http://nmap.org ) at 2017-03-22 19:16 GMT
Nmap scan report for down (127.0.0.1)
Host is up (0.00011s latency).
PORT STATE SERVICE
51413/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 0.30 seconds
[root@down rod]#
[rod@down ~]$ nmap -p 51413 192.168.1.150
Starting Nmap 6.47 ( http://nmap.org ) at 2017-03-23 00:20 GMT
Nmap scan report for router (192.168.1.150)
Host is up (0.00032s latency).
PORT STATE SERVICE
51413/tcp closed unknown
Nmap done: 1 IP address (1 host up) scanned in 0.03 seconds
[rod@down ~]$
Users browsing this forum: No registered users and 1 guest