
UDP source port 0

Hi,

I have to open a connection from UDP source port 0 to UDP destination port 8254.

But the lowest service port I can define is 1.

All the packets are always dropped.
2012:11:16-18:30:13 fw ulogd[4600]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x1000" srcmac="0:22:90:c6:db:da" dstmac="0:c:29:78:5d:34" srcip="178.237.87.12" dstip="10.10.10.10" proto="17" length="1344" tos="0x00" prec="0x00" ttl="61" srcport="0" dstport="8254"

Any idea how to do this?
Thank you
Regards,
Romano


  • Typically, an "any" port to a specific port should be interpreted as a source port of 1024 to 65535 (expressed in the UTM as 1024:65535). ... Standards-compliant apps use the random high port range to initiate connections to a specific destination port.  As the other guys have pointed out, port 0 is not a valid port.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • @Barry: by a TV provider, it's streaming traffic.
    @oldeda: it's not possible on UTM to define "any" for source or destination ports, you must specify a number from 1 to 65535.

    And again, 0 is not an invalid port. Reserved but not invalid.
    My position is not to try to say how Astaro is wrong, I like this product and would continue to use it, but I have traffic I need and I want to pass it to my network. I can do that with every non-expensive firewall on the market.

    Does nobody have an idea how to make a rule, or a workaround?
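
An added example, not part of the original thread: Python that parses packet filter log lines in the key="value" format quoted in the first post and counts dropped UDP packets by source-port class, so traffic arriving with source port 0 stands out from the 1024:65535 range mentioned in the reply. The sample lines and addresses are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines, shortened from the format of the log line in the thread.
SAMPLE_LOG = '''
2012:11:16-18:30:13 fw ulogd[4600]: id="2001" sub="packetfilter" action="drop" fwrule="60001" srcip="203.0.113.12" dstip="10.10.10.10" proto="17" srcport="0" dstport="8254"
2012:11:16-18:30:14 fw ulogd[4600]: id="2001" sub="packetfilter" action="drop" fwrule="60001" srcip="203.0.113.12" dstip="10.10.10.10" proto="17" srcport="0" dstport="8254"
2012:11:16-18:30:15 fw ulogd[4600]: id="2001" sub="packetfilter" action="drop" fwrule="60001" srcip="198.51.100.7" dstip="10.10.10.10" proto="17" srcport="40000" dstport="53"
2012:11:16-18:30:16 fw ulogd[4600]: id="2001" sub="packetfilter" action="drop" fwrule="60001" srcip="198.51.100.9" dstip="10.10.10.10" proto="6" srcport="51515" dstport="22"
2012:11:16-18:30:17 fw ulogd[4600]: id="2001" sub="packetfilter" action="drop" fwrule="60001" srcip="198.51.100.9" dstip="10.10.10.10" proto="17" dstport="8254"
'''

FIELD_RE = re.compile(r'(\w+)="([^"]*)"')
HIGH_PORTS = range(1024, 65536)  # the 1024:65535 range named in the reply


def parse_line(line):
    """Return the key="value" fields of one log line as a dict."""
    return dict(FIELD_RE.findall(line))


def classify_srcport(port):
    """Label a source port as 'zero', 'high' (1024-65535) or 'low' (1-1023)."""
    if port == 0:
        return "zero"
    return "high" if port in HIGH_PORTS else "low"


def summarize_udp_drops(log_text):
    """Count dropped UDP packets per (srcip, dstport, source-port class)."""
    counts = Counter()
    for line in log_text.splitlines():
        fields = parse_line(line)
        # proto="17" is UDP; every other protocol and action is ignored here.
        if fields.get("action") != "drop" or fields.get("proto") != "17":
            continue
        try:
            sport = int(fields["srcport"])
            dport = int(fields["dstport"])
        except (KeyError, ValueError):
            continue  # record without usable port fields
        counts[(fields["srcip"], dport, classify_srcport(sport))] += 1
    return counts


if __name__ == "__main__":
    for (srcip, dport, cls), n in summarize_udp_drops(SAMPLE_LOG).most_common():
        print(f"{n:3d} dropped  {srcip} -> udp/{dport}  source port class: {cls}")
```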