Torrent client and open ports

hifi100 · 01-28-2018, 09:05 AM

Hi,

I am using Ubuntu. I have configured ufw like this

Code:

 sudo ufw default deny

but still when I open a torrent client like transmission

and do a port scan I get this

Code:

$ nmap 192.168.0.100 -p51413

Starting Nmap 7.60 ( https://nmap.org ) at 2018-01-28 20:33 IST
Nmap scan report for xubuntu (192.168.0.100)
Host is up (0.000062s latency).

PORT      STATE SERVICE
51413/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 0.05 seconds

How come the port is open ? Isn't ufw suppose to block that port

unless I add an "allow" rule ?

hifi100 · 01-29-2018, 04:34 AM

Nobody ?

camp0 · 01-29-2018, 08:33 AM

Hi, I think you need to describe the issue better, for example: are you executing nmap from the same machine? Can you check with lsof who is listening on that port? also you can have a port listening on a port and block the income packets in the same machine. Where do you have the firewall?

hifi100 · 01-29-2018, 08:41 AM

Quote:

Originally Posted by camp0

Hi, I think you need to describe the issue better, for example: are you executing nmap from the same machine? Can you check with lsof who is listening on that port? also you can have a port listening on a port and block the income packets in the same machine. Where do you have the firewall?

Yes I am running nmap from the same machine.

Please give me the exact lsof command.

The firewall (ufw) is on the same machine which is running

the torrent client.

camp0 · 01-29-2018, 09:56 AM

lsof -p <pid> or even better https://linux.die.net/man/8/lsof

ondoho · 01-31-2018, 02:17 AM

...also might help clarify:

Code:

ufw status verbose

hifi100 · 01-31-2018, 07:16 AM

Quote:

Originally Posted by ondoho

...also might help clarify:

Code:

ufw status verbose

Code:

$ sudo ufw status verbose
[sudo] password for xubuntu: 
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
51413                      DENY IN     Anywhere                  
51413 (v6)                 DENY IN     Anywhere (v6)             

$ nmap 192.168.0.102 -p51413

Starting Nmap 7.60 ( https://nmap.org ) at 2018-01-31 18:44 IST
Nmap scan report for xubuntu (192.168.0.102)
Host is up (0.000062s latency).

PORT      STATE SERVICE
51413/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 0.03 seconds

Still port 51413 is open (with Transmission open).

Trihexagonal · 02-01-2018, 01:59 AM

I have never used torrents, but is it possible it's wanting to use you as a peer to seed the files you downloaded and is keeping the port open?

Apparently the Transmission client uses that port.

zeebra · 12-20-2020, 06:43 PM

Are you perhaps running other things on your computer that might open ports as "necessary"? (on demand)

Ps. I don't know anything about ufw and how it works