Author Topic: some ports open, some do not.  (Read 44432 times)

Offline kanick

  • PcWinTech Jr. Member
  • Join Date: Sep 2016
  • Posts: 3
  • Karma: 0
some ports open, some do not.
« on: September 14, 2016, 12:44:46 PM »
hi, let me throw this out here as i haven't been able to find an answer elsewhere.  i am able to enable two ports to vms successfully.  however i am unable to open a different port even though i have followed the same procedure.  here is the setup:
*Netgear R6300V2 router, Firmware: DD-WRT v24-sp2.
*Ports 8333 (to ubuntu 16.04) and 9333 (to windows server 2012r2) are open and working fine.
*Ports 30303 and 30301 (to win 2012r2) do not open.
*the static IP on the servers are set up the same and as you can see from the interface, i am entering in values the same.
*xfinity has told me they don't block ports.
*these are vms and i would explore tweaking vmware's firewall at a cli level except for the fact that the ubuntu and other windows vms are working fine. 
*the virtual networking settings are the same on all vms.

i would be most grateful for any ideas on a fix or even any crazy ideas on what to try next.  because i'm out of ideas here.  :-)

thanks, mike

PcWinTech.com Forums


Offline trpted

  • PcWinTech Guru
  • ******
  • Join Date: Sep 2011
  • Posts: 1,136
  • Karma: 37
Re: some ports open, some do not.
« Reply #1 on: September 15, 2016, 06:31:38 AM »
#1 From DSLR (dslreports.com) -> Forums -> Broadband and Networking -> Networking -> How to know if ports are reaching my computer from outside the post by DSLR user mackey (user # 1479488) on 2015-Sep-24 at 8:05 pm - if you wanted to test port 5154, besides using an inbound client side port checker:

Quote
Run tcpdump (`tcpdump -p -n -i <interface> port 5154` would be a good command to start with). If you see incoming TCP SYN packets (not SYN/ACK), or incoming UDP packets from an IP which did not have an outgoing packet first, then the port is open.

#2 For tcpdump on Windows I found this info https://uwnthesis.wordpress.com/2014/05/26/windump-how-to-use-windump-tcpdump-on-windows-7-the-visual-guide/

#3 For a TCP and a UDP port checker you can use http://www.base64online.com/port-check.php or http://www.ipfingerprints.com/portscan.php

#4 Using a packet sniffer (like tcpdump = command line / like wireshark = GUI) you should see the traffic from an outside IP address reaching your computer, like I did (when you are forwarding the ports to your computer).

Code:
user-name@pc-name:~$ tcpdump -p -n -i eth0 port 5154
tcpdump: eth0: You don't have permission to capture on that device
(socket: Operation not permitted)
user-name@pc-name:~$ sudo tcpdump -p -n -i eth0 port 5154
[sudo] password for user-name:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
08:40:24.169428 IP 192.168.2.138.50157 > 192.168.2.255.5154: UDP, length 6
08:42:15.839461 IP 4.79.142.206.37174 > 192.168.2.138.5154: Flags [S], seq 1464127243, win 8192, options [mss 1460], length 0
08:49:05.773987 IP 90.145.69.116.51145 > 192.168.2.138.5154: UDP, length 0
08:49:06.938818 IP 90.145.69.116.36530 > 192.168.2.138.5154: UDP, length 0
08:57:57.580814 IP 198.199.98.246.42092 > 192.168.2.138.5154: Flags [S], seq 3027635480, win 14600, options [mss 1460,sackOK,TS val 4240686068 ecr 0,nop,wscale 8], length 0
08:57:57.712334 IP 198.199.98.246.42093 > 192.168.2.138.5154: Flags [S], seq 1267700791, win 14600, options [mss 1460,sackOK,TS val 4240686102 ecr 0,nop,wscale 8], length 0
08:57:57.840328 IP 198.199.98.246.42095 > 192.168.2.138.5154: Flags [S], seq 1515263633, win 14600, options [mss 1460,sackOK,TS val 4240686134 ecr 0,nop,wscale 8], length 0
^C
7 packets captured
7 packets received by filter
0 packets dropped by kernel
user-name@pc-name:~$


#5 Some notes about my testing..

a) 192.168.2.138.50157 is from this same computer.

b) As noted at grc.com -> Services -> Shield's Up they own  4.79.142.192 -thru- 4.79.142.207.

c) I believe 198.199.98.246 is from http://www.yougetsignal.com/tools/open-ports/ as it only checks TCP ports.

d) As you can see, I checked port 5154.

#6 The only UDP ports that grc.com checks, that I know of, are:

a) DNS (53) grc.com -> Freeware -> Utilities -> DNS Benchmark -> DNS Spoofability Test Introduction (or grc.com -> Services -> DNS Spoofability Test)

b) Universal Plug n'Play (UPnP) =  1900

https://www.grc.com/port_5000.htm

From grc.com -> Services -> Shield's Up: Click on Proceed and then click on GRC's Instant UPnP Exposure Test
Private messages (PM) are not for support questions or for hints to not yet answered topics. The PMs are basically for confident conversation between the users, off the forum.
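An added example, not part of trpted's post or the quoted DSLR post: a small Python filter that applies the rule from the quote (an inbound SYN without ACK, or an inbound UDP packet from an address the host had not sent to first) to saved `tcpdump -n` text output. The function name and the constructed sample lines are assumptions of this example, and it handles IPv4 lines only.

```python
import re

# Lines 1, 2 and 4 are copied from the capture above; lines 3, 5 and 6 are
# constructed for this example (198.51.100.7 and 203.0.113.9 are
# documentation-range addresses).
SAMPLE = """\
08:40:24.169428 IP 192.168.2.138.50157 > 192.168.2.255.5154: UDP, length 6
08:42:15.839461 IP 4.79.142.206.37174 > 192.168.2.138.5154: Flags [S], seq 1464127243, win 8192, options [mss 1460], length 0
08:43:00.000001 IP 198.51.100.7.443 > 192.168.2.138.5154: Flags [S.], seq 1, ack 2, win 29200, length 0
08:49:05.773987 IP 90.145.69.116.51145 > 192.168.2.138.5154: UDP, length 0
08:50:00.000001 IP 192.168.2.138.5154 > 203.0.113.9.4000: UDP, length 12
08:50:00.100001 IP 203.0.113.9.4000 > 192.168.2.138.5154: UDP, length 12
"""

# timestamp, "IP", src.port > dst.port: rest-of-line
LINE = re.compile(
    r"^\S+ IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): (.*)$"
)

def unsolicited_inbound(capture, local_ip, port):
    """Return (source_ip, protocol) for packets that reached local_ip:port
    without the host having initiated the conversation."""
    contacted = set()   # remote addresses this host has already sent to
    hits = []
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        src, _sport, dst, dport, rest = m.groups()
        if src == local_ip:
            contacted.add(dst)          # outgoing packet: remember the peer
            continue
        if dst != local_ip or int(dport) != port:
            continue
        if rest.startswith("Flags [S],"):
            hits.append((src, "tcp"))   # bare SYN; "[S.]" (SYN/ACK) is skipped
        elif rest.startswith("UDP") and src not in contacted:
            hits.append((src, "udp"))   # UDP with no earlier outgoing packet
    return hits

if __name__ == "__main__":
    for src, proto in unsolicited_inbound(SAMPLE, "192.168.2.138", 5154):
        print(f"{proto} from {src} reached port 5154")
```

An empty result while an external port checker is running means the traffic is being dropped before it reaches the host, which points at the router or an upstream filter rather than the machine itself.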

Offline kanick

  • PcWinTech Jr. Member
  • Join Date: Sep 2016
  • Posts: 3
  • Karma: 0
Re: some ports open, some do not.
« Reply #2 on: September 15, 2016, 09:48:44 AM »
thanks for the reply.  i already know the port is closed though; would be interested in any ideas as to how to open it.  thanks again.

Offline trpted

  • PcWinTech Guru
  • ******
  • Join Date: Sep 2011
  • Posts: 1,136
  • Karma: 37
Re: some ports open, some do not.
« Reply #3 on: September 16, 2016, 05:49:44 AM »
#1 In the NAT router go to Access Restrictions

UI will look something like what you see at http://www.pcwintech.com/showimage?file=files/screenshots/dd-wrt_24_sp2/035.png

#2 There are none that will stop you from allowing that traffic?

#3 In the NAT router go to Security -> Firewall

UI will look something like what you see at http://www.pcwintech.com/showimage?file=files/screenshots/dd-wrt_24_sp2/033.png

#4 If the log is not enabled, enable the log.

#5 It has been a while since I used a NAT router with DD-WRT that includes a log [ for example the micro version does not include it :( ] So I am not sure if it can decide what to record. As in outbound only vs inbound only vs both, as well as allowed vs blocked vs both.

#6 Anyways, you could:

a) record inbound - blocked.

-> Then if you do that to see the ports that the NAT router blocked, then see if the traffic is reaching the NAT router or not, besides viewing the inbound log of the NAT router - as need be temporarily disabling your forwarding rule(s).

b) OR you could record: inbound - allowed

c) OR you could record: inbound - both.

^^^^^

Offline kanick

  • PcWinTech Jr. Member
  • Join Date: Sep 2016
  • Posts: 3
  • Karma: 0
Re: some ports open, some do not.
« Reply #4 on: September 17, 2016, 01:18:37 AM »
PROBLEM SOLVED!
thanks to your help, i checked the security>firewall settings and found that 'filter multicast' was ticked.  i unchecked that box and now i'm all set.  thanks for taking the time to help!
