3478/udp network traffic after upgrade?


#1

Yesterday 8th Nov 2017 a lot of traffic started to hit firewall in every 1 minute interval. It seems to start happening after “Automatic upgrade (current “v0.14.39” < latest “v0.14.40”)”. Any ideas why, and how to stop it?

Nov 08 11:22:13 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=77.72.169.212 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=49885 DF PROTO=UDP SPT=22020 DPT=3478 LEN=52 Nov 08 11:22:13 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=217.10.68.152 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=53533 DF PROTO=UDP SPT=22020 DPT=3478 LEN=52 Nov 08 11:22:13 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=217.10.68.152 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=53532 DF PROTO=UDP SPT=22020 DPT=3478 LEN=52 Nov 08 11:22:13 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=217.10.68.152 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=53523 DF PROTO=UDP SPT=22020 DPT=10000 LEN=52 Nov 08 11:22:13 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=77.72.169.212 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=49677 DF PROTO=UDP SPT=22020 DPT=3478 LEN=52 Nov 08 11:22:12 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=66.51.128.11 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=45107 DF PROTO=UDP SPT=22020 DPT=3478 LEN=52 Nov 08 11:22:12 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=216.93.246.18 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=32945 DF PROTO=UDP SPT=22020 DPT=3478 LEN=52 Nov 08 11:22:12 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=77.72.169.213 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=5011 DF PROTO=UDP SPT=22020 DPT=3478 LEN=52 Nov 08 11:22:12 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=216.93.246.18 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=32870 DF PROTO=UDP SPT=22020 DPT=3478 LEN=52 Nov 08 11:22:12 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=216.93.246.18 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=32869 DF PROTO=UDP SPT=22020 DPT=3478 LEN=52 Nov 08 11:22:12 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=216.93.246.18 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=32844 DF PROTO=UDP SPT=22020 DPT=3478 LEN=52 Nov 08 11:22:12 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=212.227.67.34 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=47615 DF PROTO=UDP SPT=22020 DPT=3478 LEN=52 Nov 08 11:22:12 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=77.72.169.212 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=49667 DF PROTO=UDP SPT=22020 DPT=3478 LEN=52 Nov 08 11:22:12 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=217.10.68.152 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=53251 DF PROTO=UDP SPT=22020 DPT=3478 LEN=52 Nov 08 11:22:11 xxx kernel: IN= OUT=p2p1 SRC=xx.xx.xx.xx DST=192.95.17.62 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=35713 DF PROTO=UDP SPT=22020 DPT=3478 LEN=52


(Audrius Butkevicius) #2

There is another thread about KCP just abfew below this one.


#3

Thanks. In my case fix was easy; replacing Sync Protocol Listen Addresses = default by tcp://0.0.0.0:22000.


(Audrius Butkevicius) #4

This disables relaying though. Not sure if this matters to you.


(system) #5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.