1. Home
  2. Networking Firewalls
  3. Repeated attempts to 4662 tcp/udp

Repeated attempts to 4662 tcp/udp

hi there, yesterday I wanted to experiment something with iptables, so I set up my cisco soho 77 to become transparent and route all inbound traffic to a pc on my lan, 10.10.10.33 . So I opened Amule and tried to connect to a server, then shut down it in about two minutes (just to analyze some packet). Amule was set to 4662 TCP/UDP to have a highid (active connection) however, it's about three hours that I've shut down the application, and I see a load of packets dropped, in linux with iptables and in windows. here's an extract from windows firewall:

2005-03-23 07:56:30 DROP UDP 81.36.209.69 10.10.10.33 4672 4662 55 - -

- - - - - RECEIVE

2005-03-23 07:56:31 DROP UDP 62.117.11.252 10.10.10.33 4672 4662 63 -

- - - - - - RECEIVE

2005-03-23 07:56:32 DROP TCP 83.165.67.76 10.10.10.33 2614 4662 48 S 2199089281 0 16384 - - - RECEIVE 2005-03-23 07:56:34 DROP UDP 80.236.55.185 10.10.10.33 4672 4662 63 -

- - - - - - RECEIVE

2005-03-23 07:56:35 DROP UDP 80.14.54.72 10.10.10.33 4672 4662 63 - -

- - - - - RECEIVE

2005-03-23 07:56:38 DROP TCP 83.165.67.76 10.10.10.33 2614 4662 48 S 2199089281 0 16384 - - - RECEIVE 2005-03-23 07:56:40 DROP UDP 82.225.20.30 10.10.10.33 5672 4662 63 - -

- - - - - RECEIVE

2005-03-23 07:56:40 DROP UDP 80.130.209.195 10.10.10.33 4672 4662 63 -

- - - - - - RECEIVE

2005-03-23 07:56:41 DROP UDP 61.144.196.191 10.10.10.33 58958 4662 63

- - - - - - - RECEIVE

2005-03-23 07:56:41 DROP UDP 83.135.74.17 10.10.10.33 65293 4662 55 -

- - - - - - RECEIVE

2005-03-23 07:56:43 DROP UDP 84.4.124.219 10.10.10.33 4672 4662 55 - -

- - - - - RECEIVE

2005-03-23 07:56:44 DROP UDP 81.38.223.77 10.10.10.33 4672 4662 55 - -

- - - - - RECEIVE

2005-03-23 07:56:47 DROP UDP 62.179.76.3 10.10.10.33 4672 4662 55 - -

- - - - - RECEIVE

2005-03-23 07:56:49 DROP UDP 82.231.32.163 10.10.10.33 4672 4662 55 -

- - - - - - RECEIVE

2005-03-23 07:56:52 DROP UDP 218.28.104.9 10.10.10.33 4672 4662 63 - -

- - - - - RECEIVE

2005-03-23 07:56:52 DROP UDP 82.64.143.82 10.10.10.33 4672 4662 63 - -

- - - - - RECEIVE

The funny thing is that *mule uses per default tcp/4662 - udp/4672, I've changed this value in preferences (tcp-udp/4662 same port), and as we can see packets arrive on udp 4662, as my choice.

I'm wondering why I still receive those packets, *mule applications are not running from hours, do you have any explanations? There aren't any machines active on my internal network than mine.

Thanks

Reply to
kain
Loading thread data ...

Just a guess but I assume since you did run it for a few hours there are still servers looking back at your IP address still expecting it to be sharing files. After a bit it will die down again. My son runs a Bittorrent client downloading anime movies. Even with his computer down for a while my router still logs hits on the appropriate TCP ports. Guess this is the same thing.

Reply to
Jbob

eMule/aMule use all this ports: 4661/tcp 4662/tcp 4672/udp 4665/udp

4711/tcp 4242/tcp

I took it from a page on how to configure a firewall to use eMule, but my experience trying just the opposite, stop it, it's that it uses even more ports.

Regards.

Reply to
Jose Maria Lopez Hernandez

I reconnected to the server, removed my share, disconnected and every attempts stopped.

funny

Reply to
kain

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.