Greetings, I have WireGuard installed happily and I have put in two WAN firewall rules, the first to ALLOW UDP/51820 from WANv4/WANv6 and REJECT ALL WANv4/WANv6 immediately after so only my VPN traffic passes from external. Tested and works (e.g. I can use my internal addresses and hostnames with wg0 on and cannot with wg0 off).
Strangely when I turn wg0 off I still have the following ports visible when using nmap to my public IP:
PORT STATE SERVICE
21/tcp open ftp
554/tcp open rtsp
1720/tcp open h323q931
1723/tcp open pptp
5060/tcp open sip
Here’s my firewall rule:
Why do those ports remain visible? I do use sentinel honey pots on port 21,23,25,80,587 logs, sentinel proxy and survey. If these services are related how come ss and netstat don’t pick them up?