
UDP Ports always open

Discussion in 'HyperWRT Firmware' started by cla, Feb 2, 2005.

  1. cla

    cla Network Guru Member

    Hello,

    Yesterday I noticed that all UDP ports are in state "open" though the firewall is activated and the TCP ports are filtered as expected.

    Why is this so?

    I have found the same behavior with HyperWRT 1.3 and 2.0b4.
    I did the port scan with nmap.
    I can use iChat too... without opening ports.

    This isn't what I expect from a firewall.

    And why is there only a port forwarding section in the firmware, and not a section for only opening ports?

    cla
     
  2. Toril

    Toril Network Guru Member

    UDP is a connectionless protocol... it's never really "open" or "closed"... it just goes. TCP is a connection-based protocol. How did you find the UDP ports open? [edit: ok, with nmap :) do a "man nmap" and read about the false positives you can get with UDP scanning -- the -sU option]

    Think of TCP as a piece of registered mail and UDP as a postcard. With TCP you get some sort of acknowledgement that everything went (or is going) fine... UDP is like a "close your eyes hail mary pass". UDP has much less overhead (and can therefore be "quicker" with less latency) but TCP gives you peace of mind that there's something at the other end and the conversation is going nicely (or not).

    You can tell the firewall to pass UDP packets or drop them... perhaps it's not blocking them as you suspect it should, and passing on to an internal IP or device?
     
  3. cla

    cla Network Guru Member

    OK. I misunderstood the results that nmap generated.

    But the problem is: if I have a packet filter (Linksys) where I have the possibility to make rules for forwarding TCP AND UDP, and I haven't made rules for forwarding something (iChat for example (UDP 5060 and others)), I expect that it should not work.

    But it works though I haven't made rules for it.
    So UDP packets can get in without my permission.

    UPnP is disabled, so it can't be the explanation for that.

    Why aren't the UDP packets dropped until I allow them to pass through a forwarding rule?

    cla
     
