PFSense : port 0 closed? AFAIK it's not a real port.
-
Hello everybody,
here is my network:
WiMax Antenna (192.168.3.1) --> Alix with WAN interface at 192.168.3.254 --> LAN
Now: I've tried the "shields up" site against my firewall (with latest PfSense) and:
- With a Debian with iptables everything is stealth (0 port, too)
- With PfSense the 0 port is not stealth but closed.
Should I worry about this port, or should I ignore this port?
Thank you
-
Not sure what you would be doing on pfsense to have it show 0 closed? Mine doesn't; all it shows is port 443, which is the only port I have forwarded in the range scanned.
GRC Port Authority Report created on UTC: 2015-10-31 at 11:10:51
Results from scan of ports: 0-1055
1 Ports Open
0 Ports Closed
1055 Ports Stealth
--------------------
1056 Ports Tested
NO PORTS were found to be CLOSED.
The port found to be OPEN was: 443
Other than what is listed above, all ports are STEALTH.
TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.
So what does your report say? It says 0 is open??? Or are you reading this as port 0 is closed?? 0 Ports Closed
Can you post your wan rules..
-
Oh noes, the Gibson's shit once again. Look, there's zero difference between closed and "stealth", security wise. Also, having a PTR record is not dangerous, contrary to that guy's belief, and responding to ping does not harm anyone either. Finally:
/etc/inc/filter.inc
# We use the mighty pf, we cannot be fooled.
block {$log['block']} quick inet proto { tcp, udp } from any port = 0 to any tracker {$increment_tracker($tracker)} label "Block traffic from port 0"
block {$log['block']} quick inet proto { tcp, udp } from any to any port = 0 tracker {$increment_tracker($tracker)} label "Block traffic to port 0"
block {$log['block']} quick inet6 proto { tcp, udp } from any port = 0 to any tracker {$increment_tracker($tracker)} label "Block traffic from port 0"
block {$log['block']} quick inet6 proto { tcp, udp } from any to any port = 0 tracker {$increment_tracker($tracker)} label "Block traffic to port 0"
P.S. Is he still selling the Spinrite snake oil that claims to cure faulty HDDs by superlowlevel format? ::)
-
With you 110% on the gibson snakeoil shit dok..
Just trying to understand what the OP is seeing.. since it shouldn't be showing 0 closed even if the test is a bunch of hype about "stealth" ;)
I think the OP is seeing where it says 0 ports closed as being port 0 ;)
-
@johnpoz is port 0 just snake oil sales? Or is that usable in Linux? Or any OS?
-
The concept of "port 0" was probably introduced to make people aware of the fact that a protocol like ICMP doesn't use "ports".
Dunno why "0" was chosen.
N/A is probably also a good choice.
Or a "syntax error".
Remember: Gibson had to make pure rocket science (back then) clear to the public.