dlink 624, forwarding most ports

[Wotrop]

Hey all.

I have a dlink 624 but am having problems all the time with port forwarding.

So i got this great idea!

What if I just forward say ports 10000 - whatever port i can go up to, and direct it all to my computer on the network.

Problem is I have no clue what to do! Portforward says i cant forward enough ports and dlink is no help

any help would be loved

 

[DelJo63]

what are you trying to do with port forwarding (PF)? Each port is unique to
a particular service running on a particular system, eg: port 80 is the default
for a web server. There are a few applications that use a range of ports,
like 6500-6510, but I.T. pros really dislike them for security reasons.

the normal use of PF is to forward just the specific few required.
so i'll move the question again, what are you trying to achieve?

 

[Wotrop]

well the idea is to not need to forward multiple ports for diff programs and just have 1 huge range that comes to my computer. ports 10000 and up. I dont want port 80, 21 or all important ones forwarded, just the 5 digit ones.

 

[DelJo63]

ports 10000 and up. I dont want port 80, 21 or all important ones forwarded, just the 5 digit ones.

let's get the basics correct.
a browser creates a socket (aka port) > 1024, makes a request to a service
(eg web server), and the server replies to the same port upon which the request
was make. Normally, this means ports >1024 are NOT required.

open ports above 1024 are ripe for attack! I highly recommend you rethink why you're doing this

for example, here's some clips from my router log, showing unsolicited attempts to access my system:
48| <SPI: non-existing connection> <TCP>Source=209.18.34.104, Destination=AA.BB.CCC.DDDD:32901
49| <SPI: non-existing connection> <TCP>Source=209.18.34.104, Destination=AA.BB.CCC.DDDD:32859
50| <SPI: non-existing connection> <TCP>Source=209.18.34.104, Destination=AA.BB.CCC.DDDD:32901
51| <SPI: non-existing connection> <TCP>Source=209.18.34.104, Destination=AA.BB.CCC.DDDD:32859
52| <SPI: non-existing connection> <TCP>Source=209.18.34.104, Destination=AA.BB.CCC.DDDD:32901
53| <SPI: non-existing connection> <TCP>Source=209.18.34.104, Destination=AA.BB.CCC.DDDD:32859
54| <SPI: non-existing connection> <TCP>Source=209.18.34.104, Destination=AA.BB.CCC.DDDD:32859
55| <SPI: non-existing connection> <TCP>Source=209.18.34.104, Destination=AA.BB.CCC.DDDD:32901

 

[Wotrop]

NOTE:

i have a hardware firewall.:angel: not just my router.

 

[Samstoned]

ya you should be able do a range
both tcp udp
check manual on port forward setup
my linksys is setup like
(program name) range 8080 / 18080 both for udp tcp
check the net for highest used port numbers
opening all those ports will allow the nasties in
some routers have a dmz port for one machine that may work better

 

[Wotrop]

yea im running on dmz right now but it doesnt do anything XD

 

[Samstoned]

sounds like another issue outside of router
check yer firewall settings this needs to be config'd for same thing allow ports
soft firewall? who wrote it
you may need to enable upnp on router if this is not the case
at least till the software can config for the ports you need to talk to
I just bought DI-624M Super G with MIMO
hope I don't have to pull my hair out on it
I will be reading the @*#%@& manual soon as it comes in

 

[Wotrop]

thx alot sam all fixed

 

[Samstoned]

all righty then
shoulda toll ya dmz has no closed ports(blocked)
your isp may open and close 6881 i think thatsa common port for p2p
they watch there bandwidth real close