Port is locally opened but not detected by internet port checkers, something is wrong with port forwarding?

2

I have a Mac OS Sierra. I checked if the port is open locally using

nmap -p 4444 localhost

While listening to the same port using 

nc -l 4444

The result by nmap is that the port is open.

I have mobile Huawei 5330s. Both virtual server and special applications are opened port 4444. Following are pictures.

Virtual server

Special applications

Online port checker I used are the first two Google results (can't post links here due to > 10 reputation. Other options that I have on my router settings web interface [security] include:

  1. PIN Management
  2. Firewall Switch (tried to turn it off but no luck!)
  3. LAN IP filter
  4. DMZ settings (add my ip to that but no luck either)
  5. SIP ALG settings (tried both on and off, no luck)
  6. NAT settings: cone or symmetric. Has been configured to cone and didn't touch that.

Never.too.old.to.learn

Posted 2017-03-14T18:22:03.933

Reputation: 21

2Internet port checkers will show a port open ONLY if something IS listening. So if your test was without the application really listening and (of course) the proper port forwarding setup - the result you got is expected (BTW - I would remove the special applications settings and use port forwarding only). First you have to be sure that your application is listening. I would suggest sudo lsof -i -n -P | grep TCP | grep LISTEN to see all ports listening and make sure that the port is listed after your IP address too and not only on 127.0.0.1 (see next comment) – Zina – 2017-03-14T21:28:04.747

1127.0.0.1 - which is localhost - and accepts only connections from your computer. Next step I would suggest is to check with nmap from another computer in the same network. If it is closed on your local network no port forwarding can work (this would mean to check your firewall). If you could come back with more information this would help us to help you. – Zina – 2017-03-14T21:28:13.710

Answers

1

If you've configured a virtual server and have port forwarding set to forward incoming connectivity to port 4444 to 192.168.8.100, assuming your Mac indeed has IP address 192.168.8.100, which you can confirm by issuing the command ifconfig -a, then that should be sufficient for the router configuration. Try turning off the port triggering you've configured for "special applications"; I don't believe you need that if you have the virtual server configured and it may be causing the virtual server setting to not work.

You can check on whether there is any incoming data to port 4444 on the Mac by using the tcpdump packet sniffer utility by issuing the command sudo tcpdump port 4444 in a Terminal window and then trying to connect to the system from a system external to the router.

moonpoint

Posted 2017-03-14T18:22:03.933

Reputation: 4 432

Asked: 2017-03-14T18:22:03.933

Viewed: 661 times

Active: 2017-05-23T20:45:31.390