open ports from wan



greengreen
04-06-2007, 17:38
Hi,
On my router, xmail and php are running on ports 6017, 79 (finger), 1026, but these ports are open from the WAN. Could I close these ports from the WAN?

my ps:
158 green 1068 S /opt/bin/php-fcgi -b 1026
170 green 400 S udhcpc -i vlan1 -p /var/run/udhcpc0.pid -s /tmp/udhcpc
172 green 688 S /opt/sbin/lighttpd -f /opt/etc/lighttpd/lighttpd.conf
174 green 3580 S /opt/bin/php-fcgi -b 1026
177 green 884 S /opt/bin/XMail -Md -SX 1 -Sl -Qn 1 -Ql -Yt 1 -Yl -Ln 1 -Ll -PX 1 -Pl -CX 1 -Cl
223 green 884 S /opt/bin/XMail -Md -SX 1 -Sl -Qn 1 -Ql -Yt 1 -Yl -Ln 1 -Ll -PX 1 -Pl -CX 1 -Cl
224 green 884 S /opt/bin/XMail -Md -SX 1 -Sl -Qn 1 -Ql -Yt 1 -Yl -Ln 1 -Ll -PX 1 -Pl -CX 1 -Cl
225 green 884 S /opt/bin/XMail -Md -SX 1 -Sl -Qn 1 -Ql -Yt 1 -Yl -Ln 1 -Ll -PX 1 -Pl -CX 1 -Cl
226 green 884 S /opt/bin/XMail -Md -SX 1 -Sl -Qn 1 -Ql -Yt 1 -Yl -Ln 1 -Ll -PX 1 -Pl -CX 1 -Cl
227 green 884 S /opt/bin/XMail -Md -SX 1 -Sl -Qn 1 -Ql -Yt 1 -Yl -Ln 1 -Ll -PX 1 -Pl -CX 1 -Cl
228 green 884 S /opt/bin/XMail -Md -SX 1 -Sl -Qn 1 -Ql -Yt 1 -Yl -Ln 1 -Ll -PX 1 -Pl -CX 1 -Cl
229 green 884 S /opt/bin/XMail -Md -SX 1 -Sl -Qn 1 -Ql -Yt 1 -Yl -Ln 1 -Ll -PX 1 -Pl -CX 1 -Cl
230 green 884 S /opt/bin/XMail -Md -SX 1 -Sl -Qn 1 -Ql -Yt 1 -Yl -Ln 1 -Ll -PX 1 -Pl -CX 1 -Cl
231 green 884 S /opt/bin/XMail -Md -SX 1 -Sl -Qn 1 -Ql -Yt 1 -Yl -Ln 1 -Ll -PX 1 -Pl -CX 1 -Cl

netstat -a

tcp 0 0 *:6017 *:* LISTEN
tcp 0 0 *:1026 *:* LISTEN
tcp 0 0 *:pop3 *:* LISTEN
tcp 0 0 *:finger *:* LISTEN
tcp 0 0 *:www *:* LISTEN
tcp 0 0 *:81 *:* LISTEN
tcp 0 0 *:ftp *:* LISTEN
tcp 0 0 *:domain *:* LISTEN
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 localhost.localdomai:81 localhost.localdom:1100 TIME_WAIT
tcp 0 0 localhost.localdomai:81 localhost.localdom:1101 TIME_WAIT
tcp 0 0 localhost.localdomai:81 localhost.localdom:1102 TIME_WAIT
tcp 0 0 localhost.localdomai:81 localhost.localdom:1103 TIME_WAIT
tcp 0 0 localhost.localdomai:81 localhost.localdom:1099 TIME_WAIT
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 ::ffff:xxxxxxxx.:ssh ::ffff:192.168.1.2:2622 ESTABLISHED
udp 0 0 *:1024 *:*
udp 0 0 localhost.localdo:34954 *:*
udp 0 0 *:domain *:*
udp 0 0 *:bootps *:*
raw 0 0 *:1 *:* 0
raw 0 0 *:255 *:* 0


my iptables:
Chain INPUT (policy DROP)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state NEW
ACCEPT all -- anywhere anywhere state NEW
SECURITY all -- anywhere anywhere state NEW
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc
ACCEPT tcp -- anywhere xxxxxxxxxx tcp dpt:www
ACCEPT tcp -- anywhere xxxxxxxxxx tcp dpt:81
REJECT tcp -- anywhere anywhere tcp dpt:auth reject-with icmp-port-unreachable
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp-data
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:www
DROP tcp -- anywhere anywhere tcp dpt:6017
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
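
An added example, not part of the original post: `iptables -L` without `-v` omits the in-interface column, so the two `ACCEPT ... state NEW` rows above cannot be judged from the listing alone. The Python sketch below computes first-match verdicts for the TCP listeners from the netstat output against a constructed ruleset in `iptables-save` form; `vlan1` as WAN is taken from the udhcpc line, while `br0` and the `-i` bindings are assumptions, and jumps to user chains such as SECURITY are not followed.

```python
import shlex

# Constructed ruleset in iptables-save form, modelled on the INPUT chain above.
# Assumptions: the -i bindings and br0 (hypothetical LAN bridge); vlan1 is the
# interface udhcpc runs on in the ps output, taken here as the WAN side.
RULES = """\
-A INPUT -m state --state INVALID -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -m state --state NEW -j ACCEPT
-A INPUT -i br0 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 6017 -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
"""
# TCP LISTEN rows from the netstat output, service names mapped to port numbers.
LISTENERS = [6017, 1026, 110, 79, 80, 81, 21, 53, 25, 22]
KNOWN = ("-i", "-p", "-m", "--dport", "--state", "-j")

def parse(line):
    """Turn one '-A INPUT ...' line into a dict; refuse options we cannot model."""
    tok = shlex.split(line)[2:]
    rule = {}
    for key, val in zip(tok[::2], tok[1::2]):
        if key not in KNOWN:
            raise ValueError("unsupported option: " + key)
        rule[key] = val
    return rule

def verdict(rules, iface, dport, state="NEW", policy="DROP"):
    """First matching terminal rule wins; otherwise the chain policy applies."""
    for n, r in enumerate(rules, 1):
        if r.get("-i", iface) != iface or r.get("-p", "tcp") != "tcp":
            continue
        if "--dport" in r and int(r["--dport"]) != dport:
            continue
        if "--state" in r and state not in r["--state"].split(","):
            continue
        if r["-j"] in ("ACCEPT", "DROP", "REJECT"):
            return r["-j"], n          # rule number that decided
    return policy, 0                   # 0 = fell through to the policy

def exposed(rule_text, iface, ports):
    """Map each port to (verdict, rule number) for a new TCP connection on iface."""
    rules = [parse(l) for l in rule_text.splitlines() if l.startswith("-A INPUT")]
    return {p: verdict(rules, iface, p) for p in ports}

if __name__ == "__main__":
    for port, (action, n) in sorted(exposed(RULES, "vlan1", LISTENERS).items()):
        print(port, action, "rule %d" % n if n else "chain policy")
```

Removing the `-i br0` binding from the fourth rule makes it match WAN traffic too, and the later DROP for 6017 is then never reached.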