You are not logged in.

Pages: 1

#1 2023-12-08 05:30:21

theseamorefamily
Member
Registered: 2023-12-08
Posts: 29

outbound TCP packets required to 95.216.195.133 for my home internet.

hi. my name is mr. seamore and i have a family that i am teaching networking to.

our operating system of choice at this time is Gnome 45 and it appears that the required NETWORK MANAGER program conglomeration of  a sort is using a ?NGINX? type of server corresponding to  "redirect.archlinux.org" as some sort of outbound TCP packet requirement for m internet to function.

i know this because after extensive experimentation to close port 80 i finally created a "floating outbound firewall rule" from my WAN to 95.216.195.133 which we know from further investigation that is an internet protocol address for REDIRECT.ARCHLINUX.ORG

Will someone pls explain why this is happening, and if there is a way to stop this from happening with Gnome's Network Manager?

Because that would be great! THX. ~ Mr. Matthew Oliver Seamore, III

p.s. i used an nmap --script vulners scan on MY LAN network to discover the "nginx" association of port 80, which is shown as open but is clearly closed to all but this one outbound ip address as per my firewall and packet sniffer logs

Offline

#2 2023-12-08 07:36:52

loqs
Member
Registered: 2014-03-06
Posts: 18,928

Re: outbound TCP packets required to 95.216.195.133 for my home internet.

NetworkManager#Checking_connectivity

Offline

#3 2023-12-08 22:08:47

theseamorefamily
Member
Registered: 2023-12-08
Posts: 29

Re: outbound TCP packets required to 95.216.195.133 for my home internet.

thanks it worked and i was able to disable the floating rule for the arch redirect, - HOWEVER - i see the ping server redirect  is still being logged as attempting to redirect port 80 outbound tcp:S packets from the LAN using very high source ports:

    Time     Interface     Source     Destination     Protocol
    xDec 8 14:04:29    LAN    11.11.11.20:58462    95.216.195.133:80    TCP:S
    xDec 8 14:02:21    LAN    11.11.11.20:36986    95.216.195.133:80    TCP:S
    xDec 8 14:01:17    LAN    11.11.11.20:40612    95.216.195.133:80    TCP:S
    xDec 8 14:00:45    LAN    11.11.11.20:44930    95.216.195.133:80    TCP:S
    xDec 8 14:00:29    LAN    11.11.11.20:52540    95.216.195.133:80    TCP:S
    xDec 8 14:00:17    LAN    11.11.11.20:56764    95.216.195.133:80    TCP:S
    xDec 8 14:00:15    LAN    11.11.11.20:56750    95.216.195.133:80    TCP:S
    xDec 8 14:00:15    LAN    11.11.11.20:56734    95.216.195.133:80    TCP:S
    xDec 8 14:00:09    LAN    11.11.11.20:49146    95.216.195.133:80    TCP:S
    xDec 8 14:00:04    LAN    11.11.11.20:49130    95.216.195.133:80    TCP:S
    xDec 8 14:00:02    LAN    11.11.11.20:49120    95.216.195.133:80    TCP:S
    xDec 8 14:00:02    LAN    11.11.11.20:49114    95.216.195.133:80    TCP:S

so the internet dependency is resolved but the offending behavior exists upon a network reboot?

Offline

#4 2023-12-08 22:36:48

loqs
Member
Registered: 2014-03-06
Posts: 18,928

Re: outbound TCP packets required to 95.216.195.133 for my home internet.

What change did you make?  What is the output of `find /etc/systemd -name \*.service -type l -a -xtype f -printf %f\\n` Please use code tags for commands and their outputs.

Offline

#5 2023-12-09 00:02:10

theseamorefamily
Member
Registered: 2023-12-08
Posts: 29

Re: outbound TCP packets required to 95.216.195.133 for my home internet.

I made the suggested change using vim as "read only" and it seemed to fix the problem..:

/etc/NetworkManager/conf.d/20-connectivity.conf

[connectivity]
enabled=false

Here is the output from your latest reply:

pipewire-session-manager.service
wireplumber.service
xdg-user-dirs-update.service
getty@tty1.service
NetworkManager.service
dbus-org.freedesktop.nm-dispatcher.service
NetworkManager-wait-online.service
display-manager.service
dbus-org.freedesktop.timesync1.service
systemd-timesyncd.service

not sure what code tags you need, i'm on the noob thread.. wink

Last edited by theseamorefamily (2023-12-09 00:02:29)

Offline

#6 2023-12-09 00:22:05

loqs
Member
Registered: 2014-03-06
Posts: 18,928

Re: outbound TCP packets required to 95.216.195.133 for my home internet.

theseamorefamily wrote:

I made the suggested change using vim as "read only" and it seemed to fix the problem..:

I do not understand what using vim as "read only" means.  Was the file opened as read only by vim because the file could not create it or you saved the file read only?  Does the file exist now?   By "seemed to fix" you mean until the system was restarted?

theseamorefamily wrote:

not sure what code tags you need

See the BBCode link which is linked at the bottom of the post message form.

Offline

#7 2023-12-09 05:25:24

theseamorefamily
Member
Registered: 2023-12-08
Posts: 29

Re: outbound TCP packets required to 95.216.195.133 for my home internet.

perhaps i should rephrase my statement: vim as user and superuser saved the file as "read only," in my haste i didn't think to bother with my assigned umask for the touch command.

however, this case is closed - the offending party ceased activities at approximately      Dec 8 15:24:29

thank you!

Offline

#8 2023-12-09 10:11:30

loqs
Member
Registered: 2014-03-06
Posts: 18,928

Re: outbound TCP packets required to 95.216.195.133 for my home internet.

theseamorefamily wrote:

however, this case is closed

Please mark the thread as solved by editing your first post and prepending [SOLVED] to the title.

Offline

Pages: 1

Board footer

Powered by FluxBB