darkk
[Question] Connecting to arbitrary port is always opened
I'm doing something wrong or this is a normal behavior, and anyway sorry for the dumb question.
I've NAT rules like:
add rule ip nat REDSOCKS ip protocol tcp ip daddr 123.123.123.0/16 counter redirect to :10820
If I try to connect to an IP:PORT in the network 123.123.123.0/16 that is closed or filtered by a firewall, I still get the telnet prompt and I guess it's the socks5 proxy I'm using.
If I connect to a real working, not filtered, service, everything works as expected.
# Test to port 22 (SSH)
$ telnet 123.123.123.123 30
Trying 123.123.123.123...
Connected to 123.123.123.123.
Escape character is '^]'.
SSH-2.0-OpenSSH_7.5
^]
telnet> quit
Connection closed.
# Test to port 30 (it's closed, nothing is listening on port 30)
$ telnet 123.123.123.123 30
Trying 123.123.123.123...
Connected to 123.123.123.123.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
Probably this is normal, because I'm natting all connections to redsocks, but I was wondering if there's a workaround.
I need to monitor the remote server status, for example sending SYN request to some specific ports, like 22 and 3389, but at the moment whatever port I test the port is opened.
Thanks in advance and have a great new Year!
