Okay, can you share your /etc/config/firewall and /etc/config/network… maybe somebody will figure out something… But this definitely isn’t a standard behavior.
Log in to your Turris Omnia via the CLI, and enter ss -tulpn | grep "listen". The output shows all listening services. Lines with 127.0.0.1 or [::1] are local services without an open port. All services with 0.0.0.0 or * should have open ports.
On my Turris, there are 22/tcp (SSH), 53/tcp (kresd DNS), 80/tcp (Lighttpd Webmanagement HTTP) and 443/tcp (Lighttpd Webmanagement via HTTPS).
One thing is having a running service listening on an open port, and the other is blocking access to the port from WAN. These are two separate things and I think what this thread is about is the latter…
Nmap scan report for xxx (yyy)
Host is up (0.24s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
23/tcp open telnet
25/tcp open smtp
53/tcp open domain
80/tcp open http
179/tcp filtered bgp
443/tcp open https
587/tcp open submission
646/tcp filtered ldp
711/tcp filtered cisco-tdp
2525/tcp open ms-v-worlds
You can use this site, it is usually not too bad https://www.grc.com/intro.htm
The result of nmap are sometime weird for home network because operator use plenty of gateways.
You can give us your public IP, like this we can compare our result …
In private Message of course
And I will give you mine, like this you can follow the logs.
But I fully understand, if your are not confortable with that …
If you have a doubt, unplug your WAN access and put a laptop in it and restart your scan. And if you have open port try to use it. You can also plug a small hub on your WAN port like this you can scan your internet access in real time. Beware all the plug in this hub will be not protected by the firewall. And by the way what is the result of ShieldsUP! at https://www.grc.com ?
Well, if you’re in the middle of an investigation whether all your ports aren’t mistakenly open to the world, I think giving out the IP address is really not the best idea =)