What firewall ports - open for anonsurf

Mike_Black · April 7, 2019, 4:11pm

Briefly describe your issue below:
What ports need to be open in the firewall for anonsurf to work

What version of Parrot are you running? (include version, edition, and architecture)
[ParrotOs4.5.1] Home X64
What method did you use to install Parrot? (Debian Standard / Debian GTK / parrot-experimental)
Debian GTK
Configured to multiboot with other systems? (yes / no)
No
If there are any similar issues or solutions, link to them below:

If there are any error messages or relevant logs, post them below:

dmknght · April 8, 2019, 9:08am

anonsurf opens port 9050 and 9051 as i remember

SkyLine · April 8, 2019, 12:02pm

Any way to know/modify the ports opened by the firewall?

KidKlown · April 8, 2019, 1:46pm

Tor itself will use these ports as default:

Transport = 9040
Socksport = 9050
Controlport = 9051
DNSPort = 53

Anonsurf uses 9040 to forward traffic through tor and 53 for DNS.

You can read the anonsurf script to see the iptables rules being used. https://nest.parrotsec.org/security-tools/anonsurf/blob/master/anonsurf.sh

Once you start tor you can see the ports opened using netstat

sudo netstat -tnlup | grep -e "tor"

Or you could read the torrc file on your system

cat /etc/tor/torrc

SkyLine · April 9, 2019, 11:00am

Thanks for the infos.

Mike_Black · April 11, 2019, 4:31am

thanks for the info I added the following rules to ufw
in out both for ports 9040, 9050, 9051, 53 when the firewall is enabled I cannot access website - if I disable the firewall it works fine

sudo netstat -tnlup | grep -e "tor"

tcp 0 0 127.0.0.1:9040 0.0.0.0:* LISTEN 4134/tor
tcp 0 0 127.0.0.1:9050 0.0.0.0:* LISTEN 4134/tor
tcp 0 0 127.0.0.1:9051 0.0.0.0:* LISTEN 4134/tor
udp 0 0 127.0.0.1:53 0.0.0.0:* 4134/tor

Firewall log
[11/04/19 05:00:43] /usr/sbin/ufw allow out from any to any port 53
[11/04/19 05:00:31] /usr/sbin/ufw allow out from any to any port 9051
[11/04/19 05:00:15] /usr/sbin/ufw allow out from any to any port 9050
[11/04/19 04:59:40] /usr/sbin/ufw allow out from any to any port 9040
[11/04/19 05:19:21] /usr/sbin/ufw allow out from any to any port 4134

KidKlown · April 11, 2019, 7:48am

What are you trying to do?

Anonsurf modifies the firewall for you. You shouldn’t have to add any additional rules.

Overmyhead · April 11, 2019, 5:17pm

UFW blocks Anonsurf on my system as well, I have to “allow Incomming”, then it works.

Mike_Black · April 12, 2019, 6:08am

If the firewall is on then I cannot access the internet with anonsurf - if I switch the firewall off I can - so I assumed I had to setup some rules for it to work

anonsurf no firewall - internet access fine

anonsurf with firewall - no internet access

dmknght · April 12, 2019, 7:02am

If the firewall is on then I cannot access the internet with anonsurf - if I switch the firewall off I can - so I assumed I had to setup some rules for it to work
anonsurf no firewall - internet access fine
anonsurf with firewall - no internet access

It happened to me on Debian as well.

KidKlown · April 12, 2019, 7:21am

Ok, so when you install UFW, it adds additional iptables rules that prevent anonsurf from working.

Mike_Black · April 12, 2019, 3:14pm

ok thanks I will figure it out

system · August 10, 2019, 3:14pm

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.