LinuxQuestions.org


raypsi 05-21-2012 10:38 AM

checking for open ports need ports 5198, 5199 open for UDP
 
I have 12.04 32 bit
Kernel Linux 3.2.0-24-generic-pae
GNOME 3.4.1 with
1GB of RAM on a ASUS netbook 1005HA

And A VirginMobile 2200 wifi 3G hotspot for internet.

I have WINE installed and getting Echolink to run is my trouble.
I think it's the Security level of Ubuntu that is preventing
receipt of UDP packets on ports 5198 and 5199.

The 2200 MIFi manual states that everything goes thru that connection.
And the connection log seems to confirm that. The connection log
shows the destination IP, the Port number and type. So the log shows
port 5199 and UDP going to that IP.

Or maybe it's WINE causing the trouble. A port scan of 192.168.1.1 shows only port 80 open.
73
de N8ZU

Noway2 05-21-2012 12:13 PM

Quote:

Originally Posted by raypsi (Post 4684041)
A port scan of 192.168.1.1 shows only port 80 open

If the ports aren't showing as open, either they are being blocked by a firewall, e.g. IPTables, or there is no application listening. To determine which case you're facing, look at the output of netstat (netstat -pane) run as root, to see if there is an application bound to these ports.

raypsi 05-21-2012 03:02 PM

netstat shows
 
Quote:

Originally Posted by Noway2 (Post 4684119)
If the ports aren't showing as open, either they are being blocked by a firewall, e.g. IPTables, or there is no application listening. To determine which case you're facing, look at the output of netstat (netstat -pane) run as root, to see if there is an application bound to these ports.

The GUI netstat from network tools shows

protocol  ipsource    port/service  State
tcp       127.0.0.1   7634          Listen
tcp       ''          53            Listen
tcp       ""          631           Listen
tcp6      ::1         631           Listen
udp       127.0.0.1   68
udp       0.0.0.0     5198
udp       0.0.0.0     5199

The UDP ports are not in a listen state.

netstat -pane from the terminal as superuser root spews out pages of data I can't all see.

Thanks in advance

Noway2 05-21-2012 03:59 PM

UDP is connectionless and doesn't have states like TCP, hence you won't see a listen. Instead you will see an application / PID bound to the port. To facilitate your search you can pipe the results through grep to filter on the wanted information, e.g.:
Code:

netstat -pane | grep 5198
*Note, in Ubuntu you may get better results running netstat pane than netstat -pane (I never understood this one)

In your particular case, it looks like there is a process bound to all interfaces / IP on ports 5198 and 5199. Consequently, there appears to be something blocking your connections. The next thing to do would be to look at your IPTables output ((sudo) iptables -L) and if you have either policy as drop or a drop all rule, you will need to add a rule specifically to accept on these ports. If you're not blocked locally, then you need to move to the next device upstream.

raypsi 05-21-2012 06:56 PM

I confirmed receipt of my outbound UDP on port 5198 at the other end server. I'm downloading firewall builder GUI; hopefully that can change the IPTables like a review of it said it can. I find no firewall on my system, probably 'cause they offer a few for sale.

I get this with a iptables -L command:
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Noway2 05-21-2012 07:33 PM

Quote:

Originally Posted by raypsi (Post 4684342)

I get this with a iptables -L command:
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Linux comes with IPtables built into the kernel. It is the default firewall for a Linux system. The output shown indicates that there are no rules and the default policy is to accept the connections.

Given that your process is listening and you don't have a firewall on the local system closing ports, your problem lies beyond your Linux system, such as an upstream switch or security appliance.
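
The triage walked through in the posts above (is a process bound to the port, is the local INPUT chain filtering, otherwise look upstream), as an added example that is not part of the original thread. The netstat and iptables text is constructed sample data, the function names are hypothetical, and the iptables check is a heuristic that assumes `iptables -L -n` style output.

```shell
#!/bin/sh
# Added example: UDP port triage over captured command output.
# Constructed `netstat -anpe` rows (UDP rows have an empty State column).
SAMPLE_NETSTAT='tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 0 9001 801/cupsd
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 51980 950/dnsmasq
udp 0 0 0.0.0.0:5198 0.0.0.0:* 1000 15201 2211/wine-preloader
udp 0 0 0.0.0.0:5199 0.0.0.0:* 1000 15202 2211/wine-preloader'
# Constructed `iptables -L -n` INPUT chain, empty like the one in the thread.
SAMPLE_IPTABLES='Chain INPUT (policy ACCEPT)
target     prot opt source               destination'

# udp_binding PORT < netstat-text
# Prints "local-address pid/program" for UDP sockets bound to exactly PORT.
# Matching the Local Address field avoids the false hits a bare `grep 5198`
# gets from inode numbers or PIDs that contain the same digits.
udp_binding() {
    awk -v p="$1" '$1 ~ /^udp/ && $4 ~ (":" p "$") { print $4, $NF }'
}

# input_verdict PORT < iptables-text
# Heuristic from the thread: with a DROP policy or any DROP/REJECT rule in
# INPUT, an ACCEPT for udp dpt:PORT has to appear before the blocking rule.
input_verdict() {
    awk -v p="$1" '
        /^Chain / { inp = ($2 == "INPUT")
                    if (inp) { policy = $4; sub(/\)/, "", policy) }
                    next }
        !inp { next }
        $1 == "ACCEPT" && $2 == "udp" && !blocked && $0 ~ ("dpt:" p "( |$)") { ok = 1 }
        $1 == "DROP" || $1 == "REJECT" { blocked = 1 }
        END { if (ok) print "accept-rule"
              else if (policy == "DROP" || blocked) print "needs-accept-rule"
              else print "no-local-filter" }'
}

# triage PORT NETSTAT_TEXT IPTABLES_TEXT -> where to look next
triage() {
    bound=$(printf '%s\n' "$2" | udp_binding "$1")
    [ -n "$bound" ] || { echo "no-listener"; return 0; }
    case "$bound" in
        127.*|::1:*) echo "loopback-only"; return 0 ;;
    esac
    case "$(printf '%s\n' "$3" | input_verdict "$1")" in
        needs-accept-rule) echo "add-iptables-accept" ;;
        *) echo "look-upstream" ;;
    esac
}

for port in 5198 5199; do
    echo "udp/$port: $(triage "$port" "$SAMPLE_NETSTAT" "$SAMPLE_IPTABLES")"
done
```

On a live system the two text arguments would come from `netstat -anpe` and `iptables -L -n` run as root.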

raypsi 05-22-2012 04:53 PM

I go to dslreports.com and under tools I use whois and it shows an IP addy. That addy isn't my mifi addy but is close to my DNS addy. When I do a traceroute, the whois dslreport whois addy isn't in the traceroute.

To wit, at dslreports I look like 66.x.x.111 and traceroute it looks like 66.x.x.192, and dslreports says I'm not pingable, but that would be at 66.x.x.111, when my mifi says it's 28.x.x.111 and the gateway on the mifi is 28.x.x.111 but isn't the same as the IP.

I got to wait to the end of the month to contact virginmobile or I got to go to the library to contact them tomorrow.

seabro 05-22-2012 05:17 PM

hi,
is your 3g hotspot acting as a NAT router? You mention an address of 192.168.x.x

It sounds like your 3g hotspot is nat'ing, in which case you will need to access it and set up port forwarding (if you haven't already done so).

seabro

raypsi 05-22-2012 06:42 PM

in port forwarding it only has these:
Application IP Address on WLAN
DNS (Domain Name Server)
FTP Server
HTTP (Web) Server
NNTP Server
POP3 Server
SMTP Server
SNMP Server
Telnet Server
TFTP Server

raypsi 05-22-2012 06:51 PM

I can check mark any one of those. I need the IP addy to tell it where to forward to:
127.0.0.1 or 0.0.0.0?

On further smurfing of this topic I find it ends up in the court of VirginMobile.

To wit they are blocking this at their routers/firewall.
Either I figure out how to use ssh from the shell to get around this or use a port forwarding proxy server.

Finally, you can port forward in the mifi 2200: you have to get to the config file, download it off the mifi, edit the config file by enabling dmz from 0 to 1, and then upload it back to the mifi 2200. Even then they aren't passing the UDP thru their remote routers.


All times are GMT -5.