You are not logged in.

Pages: 1

#1 2018-09-20 18:19:08

avi9526
Member
Registered: 2015-05-15
Posts: 117

[SOLVED] ntopng listening on some high udp ports

Playing with ntopng https://aur.archlinux.org/packages/ntopng/
and find that it is listening on some high udp ports:

netstat -pntua | grep $(pidof ntopng)

tcp        0      0 127.0.0.1:3000          0.0.0.0:*               LISTEN      8508/ntopng         
udp        0      0 ***********:37645       0.0.0.0:*                           8508/ntopng         
udp        0      0 ***********:57890       0.0.0.0:*                           8508/ntopng         
udp        0      0 0.0.0.0:59089           0.0.0.0:*                           8508/ntopng

ntopng running as systemd service:

…
ExecStart=/usr/bin/ntopng \
        --disable-autologout \
        --disable-login=1 \
        --user=ntopng \
        --data-dir="/var/lib/ntopng/" \
        --local-networks="10.0.0.0/8,192.168.0.0/24,172.16.0.0/16" \
        --dns-mode=3 \
        --http-port=127.0.0.1:3000 \
        --http-prefix="/*****" \
        --redis="/var/run/redis-ntopng/redis.sock"
…

I didn't find description in manual. Does anyone know what this ports are used for?

Last edited by avi9526 (2018-10-01 22:06:17)

Offline

#2 2018-10-01 22:05:59

avi9526
Member
Registered: 2015-05-15
Posts: 117

Re: [SOLVED] ntopng listening on some high udp ports

https://github.com/ntop/ntopng/issues/2076

those two upd sockets are open to perform multicast DNS queries during active network discovery.

    Class MDNS: https://github.com/ntop/ntopng/blob/dev … NS.cpp#L35
    Network discovery in ntopng: https://www.ntop.org/ntopng/network-dev … discovery/

Offline

Pages: 1

Board footer

Powered by FluxBB