Results 1 to 5 of 5
  1. #1
    Untangler
    Join Date
    Oct 2016
    Location
    Left Coast
    Posts
    67

    Default How can I block an outbound port for one device?

    I have a NAS box that has updated itself last week, and ever since it has been connecting to a HUGE number of random IPs all over the world, none of which have WhoIs info... Seems suspicious, so I want to block that NAS from doing so. The connections are always from port 51413.
    I know the fixed IP of the NAS, but I cannot find an entry anywhere for the "Client Port". How can I do this?

  2. #2
    Untangle Ninja dwasserman's Avatar
    Join Date
    Jun 2008
    Location
    Argentina
    Posts
    4,367

    Default

    firewall app
    The world is divided into 10 kinds of people, who know binary and those not

  3. #3
    NuX
    NuX is offline
    Untanglit
    Join Date
    Nov 2020
    Posts
    16

    Default

    adding to dwasserman post

    if you need further assistance
    something like this should work.
    Screenshot 2020-11-30 195923.png

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,249

    Default

    Source port is possible in firewall rules, but not without a UI hack because it's almost never legitimately used... so it was removed from the UI to save support tickets.

    I personally would be using the above rule to prevent all Internet access from that device entirely, and be looking to manually flash the firmware on it. Also, what NAS is it? And did you enable any cloud services? Or have any install on it automatically?
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Master Untangler
    Join Date
    Apr 2020
    Location
    United Kingdom
    Posts
    125

    Default

    Could that port have something to do with Bittorrent? So if you have an app running on the NAS that does that, that's how it's communicating with trackers etc... I have the same port show up on an Ubuntu server running the Transmission daemon.
    Last edited by Armshouse; 12-02-2020 at 02:17 AM. Reason: typo

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2