Just checked what the traffic all was but it seems I have a connection open from .CH to my external device that's connected to my modem in bridge mode.
┌snip my external ip:23 = 0 0 ---- eth0.2 │
What's this all about?
Why is this host connecting on my device OpenWrt device on telnet port from .CH?
Using firmware from the OpenWrt site:
OpenWrt 19.07.0, r10860-a3ffeb413b
Do OpenWrt devs have access to our devices?
Netstat and lsof did not showed anything.
Seeing this traffic with iptraf-ng (installed via opkg).
No. There are no backdoors built into OpenWrt -- it is intended to be secure. And the firewall is also configured to be simple but secure out of the box (i.e. default configuration).
Can you post your config files for /etc/config/firewall and /etc/config/network?
did you install any additional packages or make other modifications to the default config (except maybe wireless or the LAN address)? If so, what were the changes?
Are you certain that this isn't some other device on your network that has opened the connection to the IP in question?
Perhaps, it's just a port scan.
I assume this means no traffic (i.e. no packets and no bytes)?
If so, then there was never a connection made.
I am so paranoid.
Probably indeed a port scan since there was 0 byte traffic.
And now I created this topic... Please admins delete this topic
Actually, probably good that it exists. May help future viewers with similar questions.
That said, you can mark it as "solved."
EDIT: I see you marked this as the solution -- probably best to tag @lleachii's explanation as the solution.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.