RTRMON Should Port 53 Be Closed?

I hope you don't mind it was quicker for me to grab just to show as an example. ;)
Not a prob... ;) Feel free to mark this post with the "RTRMON" tag, so it can be more easily identified, and stands out as support needed for questions regarding the tool, k?
 
There's no bug... I'm using the nmap tool to query the IP of your WAN0... and your BR0 interface. Definitely let us know what you find after reinstalling adguard.
The way this is phrased makes it sound like you personally just did this :oops:

I take it to mean the script that you created you're using the tool to help us query our interfaces :)

Will do! Thanks for the heads up on that and will report back on my findings after reinstalling Adguard.
 
Ok. So this does appear to be related to Adguard Home. With it installed, I reran the 'Diagnostics' command in RTRMON and again port 53 appeared open under WAN0 IP for both TCP and UDP.

After uninstallation, I ran 'Diagnostics' once more, which now shows WAN0 IP empty for TCP. Though for UDP it shows the following as open (for both WAN and Local):

67/udp open|filtered dhcps
137/udp open|filtered netbios-ns
138/udp open|filtered netbios-dgm
3702/udp open|filtered ws-discovery
5353/udp open|filtered zeroconf

I'm guessing these are ok?

@SomeWhereOverTheRainBow Just wanted to loop you in if you have any ideas why this might be happening.
 
Okay, it is because adguardhome is listening on port 53 universally, which means it binds to every address. As long as you haven't opened the port on the firewall, it is not accessible from outside your network. The same would happen if you were to use dnsmasq by itself.
 
@SomeWhereOverTheRainBow Thanks for the reply! It was alarming to see initially, as you wouldn't expect to see that open on the WAN interface. So then is it safe to ignore? How would I make sure it's ok? And no, I haven't opened any ports on the firewall.
 
Those are fine... even though they show "open" under udp, they are also marked as "filtered"... which means that a firewall, filter, or other network obstacle is blocking the port.
 
Thanks so much. That makes sense! One more thing. Port 53 open on the local interface (tcp/udp) is completely fine correct? Sorry as I mentioned not an advanced user!
 
Yep, that's perfectly fine... That's basically the DNS services your router is providing to your network/wireless clients in order to resolve IPs... ;) You are on your way to becoming an advanced user the more you dive into this... Good work!
 
So with that said. Would you still recommend this to use? I really enjoyed using Adguard Home for the few days I had it active, but I want to be absolutely sure that it's safe and doesn't present any privacy/security concerns. Thanks.
 
It is safe to use. By default, the firewall blocks anything that you have not intentionally opened via the firewall settings page or port forwards.
 
What is the complete output of iptables-save? If you do not see a WAN-facing iptables rule showing port 53 open to inbound traffic (or an inbound port 53 traffic accept rule), then you are fine. That means anyone trying to access port 53 from the WAN side (or outside your network) will be dropped by the firewall with the rest of the unsolicited inbound WAN traffic. Just because a program or app listens on an interface does not mean that it is not blocked from WAN-side solicitation. There are multiple angles to understanding this stuff. You can't just run a netstat and assume you are in danger of unsolicited traffic breaking through. You need to check your firewall. Or even try to access it yourself via your WAN IP address from outside your network. If you are met by bad answers, then you are being dropped by your firewall while you try solicited traffic via the WAN side.

I also want to challenge you: please review my shell scripts. I am curious to see if you can find any line of code that mentions I open your port 53 via the firewall. Look for any lines of code where I invoke your firewall to the WAN side.
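
As an added example (not part of the original posts, and not RTRMON or AdGuard Home installer code), one way to pick the relevant lines out of a large iptables-save dump is to keep only ACCEPT or DNAT rules whose destination port covers 53 and that apply to the WAN interface. The function name, the WAN interface name eth0 and the sample ruleset are assumptions; substitute your own WAN interface.

```shell
#!/bin/sh
# Added example. Reads `iptables-save` output on stdin and prints every rule that
# would let port-53 traffic in from the WAN side: ACCEPT rules (filter table) or
# DNAT port forwards (nat table) whose destination port covers 53.
# Usage on the router (WAN interface name is an assumption, check yours):
#   iptables-save | find_wan_dns_rules eth0
find_wan_dns_rules() {
    awk -v wan="$1" '
    # True if a --dport/--dports value ("53", "22,53", "1:1024") covers port 53.
    function has53(spec,    n, k, parts, r, hi) {
        n = split(spec, parts, ",")
        for (k = 1; k <= n; k++) {
            if (split(parts[k], r, ":") == 2) {
                hi = (r[2] == "") ? 65535 : r[2] + 0
                if (r[1] + 0 <= 53 && 53 <= hi) return 1
            } else if (parts[k] + 0 == 53) return 1
        }
        return 0
    }
    /^\*/ { table = substr($0, 2); next }        # table header: *filter, *nat
    /^-A / {
        port = 0; wanfacing = 1; target = ""     # no -i means every interface
        for (i = 2; i < NF; i++) {
            if ($i == "--dport" || $i == "--dports") port = has53($(i + 1))
            else if ($i == "-i") wanfacing = (($(i + 1) == wan) != ($(i - 1) == "!"))
            else if ($i == "-j") target = $(i + 1)
        }
        if (port && wanfacing && (target == "ACCEPT" || target == "DNAT"))
            print table ": " $0
    }'
}

# Constructed sample ruleset (not from the thread): br0 = LAN, eth0 = WAN.
sample_rules() {
    cat <<'EOF'
*nat
-A PREROUTING -i eth0 -p udp -m udp --dport 53 -j DNAT --to-destination 192.168.1.1:53
COMMIT
*filter
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i br0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i eth0 -p tcp -m multiport --dports 22,53 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8443 -j ACCEPT
-A INPUT -j DROP
COMMIT
EOF
}

sample_rules | find_wan_dns_rules eth0   # prints the DNAT rule and the 22,53 rule
```

An empty result means no rule explicitly names port 53 as open from the WAN side; the filter does not evaluate rules that accept all traffic on an interface without naming a port.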

 
Those ones you see open on WAN are normal for you to have functioning internet.
 
Thanks for clarifying! I've run the command, but there's a large output and I am unsure of the syntax I should be looking for. I can't fully parse the output :)
Oh. I didn't mean to give the impression there was anything wrong with the code, sorry if it came across that way (to be honest, I wouldn't really know what to look for either). I just tend to be a little extra when it comes to these sort of things :)
 
