Welcome, Guest. Please login or register.
Did you miss your activation email?
Monday 11 November 2024, 06:50:24 am

Login with username, password and session length

Visit the Official Endian Bug tracker  HERE
14253 Posts in 4377 Topics by 6515 Members
Latest Member: hulteends
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  [resolved] odd, outgoing connections on new 2.4.1 installation
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: [resolved] odd, outgoing connections on new 2.4.1 installation  (Read 9700 times)
jay
Jr. Member
*
Offline Offline

Posts: 2


« on: Friday 20 May 2011, 06:09:23 am »

While testing a new EFW install, I noticed a number of short, outgoing connections (on the status page) between the uplink NIC and a lot of external IP addresses. Most of them started and disappeared within a few seconds. I took a screenshot of some of them.

Most of the connections in my screenshot are using port 123 (NTP) and UDP. It seems odd that EFW would want to talk to so many different servers.

Also, the uplink NIC is my red NIC -- I don't know if that's always the case -- and it was unplugged while all of this was going on. Logically, it was setup like this:

internet > old router > EFWgreen, PC

So, for some reason EFW was reaching out to these servers from its unplugged red NIC address. What's going on?
Logged
bendeliduka
Jr. Member
*
Offline Offline

Posts: 4


« Reply #1 on: Friday 20 May 2011, 06:34:52 am »

More correctly, the EFW was *ATTEMPTING* to reach out to these IP's through the RED interface.

NTP (Network Time Protocol) is used to set/sync the clock on the server with known time servers on the internet.  You can try clicking on the IP's that were the being connected to to verify they are indeed time servers, but I would not find the traffic suspicious.

btw, by convention RED is the external or untrusted interface while GREEN is the trusted interface.
Logged
jay
Jr. Member
*
Offline Offline

Posts: 2


« Reply #2 on: Friday 20 May 2011, 07:53:14 am »

Thanks, bendel. I assumed those connections were succesful but now the "status" column to the right makes perfect sense.

I looked up a few of the IPs and saw one NTP server, one mail server, and some not as obvious. Anyway, thanks for the reassurance. Now I can get back to setting this guy up.
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.047 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com