ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

UID 977 (zerotier-one) Tracking Hit

https://mail.forum.configserver.com/viewtopic.php?t=12863

Page 1 of 1

UID 977 (zerotier-one) Tracking Hit

Posted: 20 Jul 2023, 08:50
by webexpert
I am getting tons of emails with this alert.
I have opened port 9993 and works but I am getting theese errors

How I can exclude this service or allow all traffic?

https://docs.zerotier.com/zerotier/trou ... rotier-use
What ports does ZeroTier use?#

It listens on three 3 UDP ports:

9993 - The default
A random, high numbered port derived from your ZeroTier address
A random, high numbered port for use with UPnP/NAT-PMP mappings

That means your peers could be listening on any port. To talk with them directly, you need to be able send to any port.

Code: Select all

Sample of port hits:
Jul 12 07:07:43 power kernel: Firewall: *UDP_OUT Blocked* IN= OUT=enp2s0 SRC=xx.xx.xx.xx DST=62.74.24.190 LEN=165 TOS=0x00 PREC=0x00 TTL=255 ID=41011 PROTO=UDP SPT=31425 DPT=60942 LEN=145 UID=977 GID=968 
Jul 12 07:08:28 power kernel: Firewall: *UDP_OUT Blocked* IN= OUT=enp2s0 SRC=xx.xx.xx.xx DST=62.74.24.144 LEN=165 TOS=0x00 PREC=0x00 TTL=255 ID=3081 PROTO=UDP SPT=9993 DPT=18016 LEN=145 UID=977 GID=968 
Jul 12 07:08:28 power kernel: Firewall: *UDP_OUT Blocked* IN= OUT=enp2s0 SRC=xx.xx.xx.xx DST=62.74.24.144 LEN=165 TOS=0x00 PREC=0x00 TTL=255 ID=30929 PROTO=UDP SPT=23205 DPT=18016 LEN=145 UID=977 GID=968 
Jul 12 07:08:28 power kernel: Firewall: *UDP_OUT Blocked* IN= OUT=enp2s0 SRC=xx.xx.xx.xx DST=62.74.24.144 LEN=165 TOS=0x00 PREC=0x00 TTL=255 ID=3082 PROTO=UDP SPT=23205 DPT=18016 LEN=145 UID=977 GID=968 
Jul 12 07:08:28 power kernel: Firewall: *UDP_OUT Blocked* IN= OUT=enp2s0 SRC=xx.xx.xx.xx DST=62.74.24.144 LEN=165 TOS=0x00 PREC=0x00 TTL=255 ID=30930 PROTO=UDP SPT=31425 DPT=18016 LEN=145 UID=977 GID=968 
Jul 12 07:08:28 power kernel: Firewall: *UDP_OUT Blocked* IN= OUT=enp2s0 SRC=xx.xx.xx.xx DST=62.74.24.144 LEN=165 TOS=0x00 PREC=0x00 TTL=255 ID=3083 PROTO=UDP SPT=31425 DPT=18016 LEN=145 UID=977 GID=968 
Jul 12 07:08:43 power kernel: Firewall: *UDP_OUT Blocked* IN= OUT=enp2s0 SRC=xx.xx.xx.xx DST=62.74.24.190 LEN=165 TOS=0x00 PREC=0x00 TTL=255 ID=20408 PROTO=UDP SPT=9993 DPT=60942 LEN=145 UID=977 GID=968 
Jul 12 07:08:43 power kernel: Firewall: *UDP_OUT Blocked* IN= OUT=enp2s0 SRC=xx.xx.xx.xx DST=62.74.24.190 LEN=165 TOS=0x00 PREC=0x00 TTL=255 ID=49079 PROTO=UDP SPT=23205 DPT=60942 LEN=145 UID=977 GID=968 
Jul 12 07:08:43 power kernel: Firewall: *UDP_OUT Blocked* IN= OUT=enp2s0 SRC=xx.xx.xx.xx DST=62.74.24.190 LEN=165 TOS=0x00 PREC=0x00 TTL=255 ID=20409 PROTO=UDP SPT=23205 DPT=60942 LEN=145 UID=977 GID=968 
Jul 12 07:08:43 power kernel: Firewall: *UDP_OUT Blocked* IN= OUT=enp2s0 SRC=xx.xx.xx.xx DST=62.74.24.190 LEN=165 TOS=0x00 PREC=0x00 TTL=255 ID=49080 PROTO=UDP SPT=31425 DPT=60942 LEN=145 UID=977 GID=968 
Jul 12 07:08:43 power kernel: Firewall: *UDP_OUT Blocked* IN= OUT=enp2s0 SRC=xx.xx.xx.xx DST=62.74.24.190 LEN=165 TOS=0x00 PREC=0x00 TTL=255 ID=20410 PROTO=UDP SPT=31425 DPT=60942 LEN=145 UID=977 GID=968
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited