dlink 624, forwarding most ports

By Wotrop ยท 9 replies
Aug 26, 2006
  1. Hey all.

    I have a dlink 624 but am having problems all the time with port forwarding.

    So i got this great idea!

    What if I just forward say ports 10000 - whatever port i can go up to, and direct it all to my computer on the network.

    Problem is I have no clue what to do! Portforward says i cant forward enough ports and dlink is no help :(

    any help would be loved :)
  2. jobeard

    jobeard TS Ambassador Posts: 11,122   +982

    what are you trying to do with port forwarding (PF)? Each port is unique to
    a particular service running on a particular system, eg: port 80 is the default
    for a web server. There are a few applications that use a range of ports,
    like 6500-6510, but I.T. pros really dislike them for security reasons.

    the normal use of PF is to forward just the specific few required.
    so i'll move the question again, what are you trying to achieve?
  3. Wotrop

    Wotrop TS Rookie Topic Starter Posts: 72

    well the idea is to not need to forward multiple ports for diff programs and just have 1 huge range that comes to my computer. ports 10000 and up. I dont want port 80, 21 or all important ones forwarded, just the 5 digit ones.
  4. jobeard

    jobeard TS Ambassador Posts: 11,122   +982

    let's get the basics correct.
    a browser creates a socket (aka port) > 1024, makes a request to a service
    (eg web server), and the server replies to the same port upon which the request
    was make. Normally, this means ports >1024 are NOT required.

    open ports above 1024 are ripe for attack! I highly recommend you rethink why you're doing this

    for example, here's some clips from my router log, showing unsolicited attempts to access my system:
    48| <SPI: non-existing connection> <TCP>Source=, Destination=AA.BB.CCC.DDDD:32901
    49| <SPI: non-existing connection> <TCP>Source=, Destination=AA.BB.CCC.DDDD:32859
    50| <SPI: non-existing connection> <TCP>Source=, Destination=AA.BB.CCC.DDDD:32901
    51| <SPI: non-existing connection> <TCP>Source=, Destination=AA.BB.CCC.DDDD:32859
    52| <SPI: non-existing connection> <TCP>Source=, Destination=AA.BB.CCC.DDDD:32901
    53| <SPI: non-existing connection> <TCP>Source=, Destination=AA.BB.CCC.DDDD:32859
    54| <SPI: non-existing connection> <TCP>Source=, Destination=AA.BB.CCC.DDDD:32859
    55| <SPI: non-existing connection> <TCP>Source=, Destination=AA.BB.CCC.DDDD:32901
  5. Wotrop

    Wotrop TS Rookie Topic Starter Posts: 72


    i have a hardware firewall.:angel: not just my router.
  6. Samstoned

    Samstoned TechSpot Paladin Posts: 1,018

    ya you should be able do a range
    both tcp udp
    check manual on port forward setup
    my linksys is setup like
    (program name) range 8080 / 18080 both for udp tcp
    check the net for highest used port numbers
    opening all those ports will allow the nasties in
    some routers have a dmz port for one machine that may work better
  7. Wotrop

    Wotrop TS Rookie Topic Starter Posts: 72

    yea im running on dmz right now but it doesnt do anything XD
  8. Samstoned

    Samstoned TechSpot Paladin Posts: 1,018

    sounds like another issue outside of router
    check yer firewall settings this needs to be config'd for same thing allow ports
    soft firewall? who wrote it
    you may need to enable upnp on router if this is not the case
    at least till the software can config for the ports you need to talk to
    I just bought DI-624M Super G with MIMO
    hope I don't have to pull my hair out on it
    I will be reading the @*#%@& manual soon as it comes in
  9. Wotrop

    Wotrop TS Rookie Topic Starter Posts: 72

    thx alot sam all fixed :)
  10. Samstoned

    Samstoned TechSpot Paladin Posts: 1,018

    all righty then
    shoulda toll ya dmz has no closed ports(blocked)
    your isp may open and close 6881 i think thatsa common port for p2p
    they watch there bandwidth real close
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...