Newly installed Openwrt and strange 21 OPEN port

Hi, I am totally new to OpenWRT (don't kill me if I am doing something stupid).

I bought a Linksys router, have read OpenWRT documentation and setup my VLANs thanks to great tutorials on My ISP modem is on bridge mode, everything seemed looking well (have connectivity and DNS working, zones blocking correctly, etc).

Now I tried to do some port scanning with NMAP to my public IP from a computer outside of my network. I did some simple TCP scan to all ports (-sT) and found some filtered ports and just port 21 OPEN. I see also run -sV to check this port 21 is tcpwrapped.

I tried then to identify what was listening to port 21 running netstat -nutlp | grep 21 and there is nothing! Then I checked that I have no port forward rules, NAT rules or custom rules, and also no traffic rules mentioning port 21.

I would like to understand how this port is open... any hint?

Could be by your ISP filtering port 21 out.
Try to forwarding it to a FTP server in your LAN and see if you can connect from public IP to it.

I tried connecting via ftp but I get:
ftp: connect: Connection refused

should I use wireshark or another tool to check if this port is reaching the router?

You can use tcpdump on the router CLI, I think the command would be:
tcpdump -i wan port 21
As someone else said, it is probably the ISP blocking them, and the router won't see anything.

1 Like