Lots of open ports

I2P router issues
Post Reply
xaozai
Posts: 4
Joined: 11 Mar 2019 14:35

Lots of open ports

Post by xaozai »

Could you explain why router opens so many ports and how to select the interfaces for which these ports will be open in the settings?
Especially interested in ports: 7652, 7653, 7654, 7657, 1900, 25769, 32000.
Yes, I know iptables can solve the problem, I just want to clarify it for myself.
What are these ports responsible for and how to specify the interfaces/addresses for which they will be open in the settings.

Code: Select all

# netstat -natup | grep java
tcp        0      0 127.0.0.1:32000         0.0.0.0:*               LISTEN      178666/java         
tcp6       0      0 127.0.0.1:4444          :::*                    LISTEN      178666/java         
tcp6       0      0 300:42a:fdf5:1e98::7652 :::*                    LISTEN      178666/java         
tcp6       0      0 200:42a:fdf5:1e98::7652 :::*                    LISTEN      178666/java         
tcp6       0      0 192.168.1.17:7652       :::*                    LISTEN      178666/java         
tcp6       0      0 10.150.1.143:7652       :::*                    LISTEN      178666/java         
tcp6       0      0 127.0.0.1:7654          :::*                    LISTEN      178666/java         
tcp6       0      0 127.0.0.1:7657          :::*                    LISTEN      178666/java         
tcp6       0      0 ::1:7657                :::*                    LISTEN      178666/java         
tcp6       0      0 :::25769                :::*                    LISTEN      178666/java         
tcp6       0      0 127.0.0.1:7657          127.0.0.1:53072         ESTABLISHED 178666/java         
tcp6       0      0 192.168.1.17:60536      187.235.103.9:23541     ESTABLISHED 178666/java         
tcp6       0      0 192.168.1.17:41374      150.95.89.56:9169       ESTABLISHED 178666/java         
tcp6       0      0 127.0.0.1:31000         127.0.0.1:32000         ESTABLISHED 178666/java         
udp6       0      0 :::25769                :::*                                178666/java         
udp6       0      0 :::1900                 :::*                                178666/java         
udp6       0      0 :::1900                 :::*                                178666/java         
udp6       0      0 :::1900                 :::*                                178666/java         
udp6       0      0 :::1900                 :::*                                178666/java         
udp6       0      0 300:42a:fdf5:1e98::7653 :::*                                178666/java         
udp6       0      0 200:42a:fdf5:1e98::7653 :::*                                178666/java         
udp6       0      0 192.168.1.17:7653       :::*                                178666/java         
udp6       0      0 10.150.1.143:7653       :::*                                178666/java
Settings are in the picture in the attachment.
Attachments
i2p_tun_settings.png
i2p_tun_settings.png (179.2 KiB) Viewed 5340 times
xaozai
Posts: 4
Joined: 11 Mar 2019 14:35

Re: Lots of open ports

Post by xaozai »

Found some information here: https://geti2p.net/en/faq#ports

However, it is unclear why, for example 7652, 7653 binds to IPv6.
And what is port 25769 for?
echelon
Posts: 261
Joined: 10 Feb 2018 13:36

Re: Lots of open ports

Post by echelon »

HI

Ok, now you identified your IP, your node ID and your port your node uses in one go.

First: i2p uses IPv4 and IPv6, also services do bind on both. As there are several services, each needs at least one port for iPv4 and one for IPv6, but all is localhost, as seen in your screenshot.

Second: each node get a uniqe port (as written in FAQ and router console not to be published ANYwhere, as it de-anonymize you) on first start. Thats the port other i2p nodes connects to yours. As the port is unique, you published your node now.

echelon
xaozai
Posts: 4
Joined: 11 Mar 2019 14:35

Re: Lots of open ports

Post by xaozai »

I'm just experimenting with it for now and I want to clarify some things for myself...

The fact is that these IPv6, which I showed above, are from the deprecated range.
And it's something similar to a VPN, but not quite )
This is the Yggdrasil network (yggdrasil-network.github.io).
Thus, the mentioned ports become accessible from this network.
I don't need it and have to use iptables to restrict access.

It would be better if we could specify the interfaces on which these ports should be opened.
In my case, these addresses are on the tun interface.
UPnP on tun is wrong. Isn't it?

[this is offtopic, but...] And yet, I came across "a feature" that if you set up the i2p router in private mode, do not use UPnP and limit transit traffic to zero, then these settings are not saved. The next time you start, the setup wizard starts again. Sadness :(
echelon
Posts: 261
Joined: 10 Feb 2018 13:36

Re: Lots of open ports

Post by echelon »

hi

all is config-able, not all directly in gui, but at least in config files.
But >99% of users never need to change the interface services bind to and/or ports, so no need to make it changeable in gui.

UnPnP is based on a external lib, whoich tries to figure out the available UnPnP devices, but you can disable this, to.

echelon
Post Reply