Topic: Close outboud port

[srushik]

I am using SME as a server/gateway.
I need to close an outbound port (TCP Port 20) for all users in the LAN
How do I close an outbound port?

Thanks,
Shane

[johnp]

Reading this may help http://wiki.contribs.org/Firewall#Block_outgoing_ports

[srushik]

Thank you.  I followed that document.
Very helpful.

[CharlieBrady]

I need to close an outbound port (TCP Port 20) for all users in the LAN

If you do that, you will interfere with some ftp transfers. Is that what you are trying to do? If so, you would be better to block port 21 outbound.

[srushik]

I don't want to block any FTP transfers.  I believe all my ftp software is connecting on port 21, not port 20.

I have no idea what's running on port 20, but I have something sending from port 20, and hitting one of my web hosts.  The web host doesn't like that activity on hitting them on Port 20.  So I wanted to shut it down till I could identify what is running on that port.

It's interesting to hear you say that port 20 is used for some FTP transfers.  Something for me to look into for sure.

Thanks

[Stefano]

well.. in this case, as your SME is your gw, use tcpdump to discover who's making outbound traffic on remote 20 TCP

just closing the door will not solve the problem

[byte]

Normally port 20 is created for "data transfers", so FTP uses port 21 for creating the connection between two computers and port 20 is used for data transfer.

[srushik]

You are super helpful.  I'll use tcpdump and do some discover to find where this is coming from.  Thanks for the caution on FTP connections over PORT 20.

[CharlieBrady]

I have no idea what's running on port 20, but I have something sending from port 20, and hitting one of my web hosts.  The web host doesn't like that activity on hitting them on Port 20.

Then you should fix the web host (probably by just ignoring port 20 traffic).