Re: Winmx *source* port 6257 - Valid?

From: Dolphy (mute_dolphin@yahoo.com)
Date: 08/18/02 

From: "Dolphy" <mute_dolphin@yahoo.com>
Date: Sun, 18 Aug 2002 13:32:15 -0500

Thanks for the response. Perhaps I did not make myself fully clear. The
packets are being dropped because my cable router is not configured to allow
them, not because of any network congestion or the like.

Ordinarily, the port 6257 traffic I see from WinMX has both source *and*
destination port set to 6257.

What you say makes some sense then. If a user has configured WinMX for UDP
traffic on a port other than 6257, I might expect to see some traffic there.
OTOH, I assume the port that's ised is a negotiated matter, and, since *I*
am configured for 6257, I'd guess not to see any other traffic coming my
way.

The plot thickens. Perhaps other clues will be forthcoming...

"Secret" <sendtosecret@hotmail.com> wrote in message
news:GzQ79.160372$v53.8694871@news3.calgary.shaw.ca...
> Destination port will differ depending on the other persons settings, any
> port number could be valid. UDP is not as strict a protocol as TCP so you
> may see more dropped packets then with TCP. It is assumed that the UDP
port
> traffic is of a less critical nature such as chat.
> ----------------
> Secret
>
>
> "Dolphy" <mute_dolphin@yahoo.com> wrote in message
> news:3d5fb6f8_1@news.teranews.com...
> > Hi,
> >
> > I know that WinMX wants to use port 6257 to receive UDP traffic.
> >
> > Accordingly, I have my cable router firewall configured to allow
incoming
> > UDP traffic WAN-TO-LAN to dest port 6257 (the firewall always permits
> > outbound UDP).
> >
> > WinMX is working just fine, with the many UDP packets targeted for 6257
> > being forwarded just fine.
> >
> > Oddly, I have a number of dropped UDP packets for port 6257. However,
> these
> > packets are *sourced* at 6257, not *destined* for 6257. The
destination
> > port varies widely (27763, 27399, 27453, at al). The amount of traffic
is
> > not large, but it exists.
> >
> > Does anyone know what these packets are, and whether they are
legitimate?
> >
> > The router firewall provides no way to set up a rule based on source
port,
> > and I wouldn't want to do it anyway. I have no way to examine these
> packets
> > without opening the machine to all traffic and running a packet sniffer.
> >
> > Thanks for any clues.
> >
> >
> >
> >
> >
> >
>
>

Relevant Pages

  • Re: pinging without root privileges
    ... > feasible, since I want to be able to do this w/out root privileges, so ... > The closest thing I found was a promise about sending UDP packets to ... > an unbound port, and looking for a port unreachable message. ... > weakness of UDP is that the sender has no way of knowing what happened ...
    (comp.unix.programmer)
  • Re: recvfrom udp packet dropping??
    ... The device sends UDP packets on port 4950 to a listener socket ... > The packets sent by the embedded device are getting to the UNIX ... Make sure your embedded network device is properly setting the UDP checksum. ...
    (comp.unix.programmer)
  • Intermittent NAT failure when multiple hosts send UDP packets
    ... This smells like a bug in UDP ip_nat_proto_udp.c or nearby. ... the destination port has been properly remapped from ... 5060 to 1024 to distingish between incoming packets. ...
    (Linux-Kernel)
  • Re: Zywall 50 Question
    ... The ICMP packets you see are simple ICMP Echo Request packets ... Regarding teh UDP port 53 attempts, ... I recommend that you allow the KNOWN secondary DNS servers to access ...
    (comp.security.firewalls)
  • Re: What is going on with my Dialup?
    ... also forward it to an unused port, and have that port provide the ... verses the RST or ICMP 3,3. ... The lack of response causes the remote computer to make ... Others think that by not responding to unwanted packets, ...
    (comp.os.linux.networking)