Can't seem to block port 179 - BGP
-
I was just testing the firewall on my network using Steve Gibson's Shields UP to see if there were any ports open, and found the following ports visible from the Internet:
113 - IDENT port was closed, and visible.
179 - BGP port was open.
I do not have any port forwarding rules, and I haven't configured any open ports to my network as I do not run any services. I have tried adding block rules as floating and as specific to the WAN port to block both of those ports, 113 and 179, but they're not being blocked.
I have tried Sheldon's and canyouseeme security testing websites, and both report bgp port 179 open on my pfsense.
I would like to close port 179. - Is there any way I can close it? I'm running an IPv4 network.
I'm currently running pfsense 22.05 version.
-
@tigo every port on WAN is closed by default.
if it's open now
- either you changed the default config to open it.
- your isp has a device in front of pfsense that has those ports open. is your isp using cgnat ?
-
@tigo said in Can't seem to block port 179 - BGP:
I would like to close port 179. - Is there any way I can close it? I
As @heper :
Disconnect your ISP router (modem ?) and you will see no more "Steve Gibson's Shields UP" issues.
Rule of thumb :
If your pfSense WAN interface(s) and the Floating interface do not contain any firewall rules, then all "out of state" traffic will get directed to /dev/null ( a black hole ;) ).
No exceptions.
-
@tigo As others have stated, it's most likely the device in front of pfsense.
Simple test: like you said, you went to can you see me and it shows open. So do a sniff on pfsense wan when you run the test; do you actually see that traffic hit pfsense wan?
Simple packet capture under diagnostic menu.
Out of the box pfsense has no ports open on wan, not even icmp.
-
Many thanks for your replies. My new ISP is using cgnat with his device having those open/closed, and I happen to be behind one of those shared IPs. I did the sniffer test, and all incoming traffic on those ports for me was blocked. A bit annoying, as I formatted the pfsense installation that I had and set everything up again when I doubted my initial installation, then I sought help here.
Indeed the principle of a firewall is to block all traffic unless specifically permitted. :)
Cheers,
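
The two checks suggested in this thread (is the WAN address really the public address, and does the scanner's probe show up in a WAN packet capture), as an added example that is not part of any post. It assumes the capture is saved as `tcpdump -n` style text; the function names and all addresses and capture lines are constructed for illustration.

```python
import ipaddress
import re

# RFC 6598 shared space (CGNAT) plus RFC 1918 private ranges: a WAN address in
# any of these means another NAT device sits between pfSense and the Internet.
UPSTREAM_NETS = [ipaddress.ip_network(n) for n in
                 ("100.64.0.0/10", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# One TCP line of `tcpdump -n` text: "... IP src.sport > dst.dport: Flags [S], ..."
TCPDUMP_RE = re.compile(
    r"IP (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]+)\]")

def behind_upstream_nat(wan_ip, public_ip):
    """True if the pfSense WAN address is not the address the scanner tested."""
    wan = ipaddress.ip_address(wan_ip)
    return any(wan in net for net in UPSTREAM_NETS) or wan != ipaddress.ip_address(public_ip)

def probes_seen(capture_lines, wan_ip, port):
    """Count inbound TCP SYNs (SYN without ACK) addressed to wan_ip:port."""
    count = 0
    for line in capture_lines:
        m = TCPDUMP_RE.search(line)
        if m and m["dst"] == wan_ip and int(m["dport"]) == port and m["flags"] == "S":
            count += 1
    return count

def diagnose(wan_ip, public_ip, capture_lines, port):
    """Decide which device the external port scan result belongs to."""
    if probes_seen(capture_lines, wan_ip, port):
        return "probe reached pfSense WAN: review WAN and floating rules"
    if behind_upstream_nat(wan_ip, public_ip):
        return "probe never reached pfSense: result describes the upstream device"
    return "no probe captured: repeat the capture while the scan is running"

# Constructed capture taken during a scan of port 179 from behind CGNAT:
# only the client's own outbound session appears, the probe never arrives.
CGNAT_CAPTURE = [
    "12:00:01.100000 IP 100.72.14.9.51515 > 198.51.100.7.443: Flags [S], seq 1, win 65535, length 0",
    "12:00:01.120000 IP 198.51.100.7.443 > 100.72.14.9.51515: Flags [S.], seq 2, ack 2, win 65535, length 0",
]
# Constructed capture where the WAN holds the public address and the probe arrives.
DIRECT_CAPTURE = [
    "12:00:02.000000 IP 198.51.100.7.40000 > 203.0.113.10.179: Flags [S], seq 1, win 1024, length 0",
]

if __name__ == "__main__":
    print(diagnose("100.72.14.9", "203.0.113.10", CGNAT_CAPTURE, 179))
    print(diagnose("203.0.113.10", "203.0.113.10", DIRECT_CAPTURE, 179))
```
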