Manual:IP/Services: Difference between revisions

From MikroTik Wiki
Jump to navigation Jump to search
mNo edit summary
No edit summary
Line 3: Line 3:
<div class=manual>
<div class=manual>


<h2>Summary</h2>
==Summary==
<p><b>Sub-menu:</b> <code>/ip service</code></p>
<p id="shbox"><b>Sub-menu:</b> <code>/ip service</code></p>
<br />
<br />
<p>
<p>
Line 11: Line 11:




<h2>Properties</h2>
==Properties==


<br />
<br />
Line 39: Line 39:
</table>
</table>


<h2>Service Ports</h2>
==Service Ports==
<p><b>Sub-menu:</b> <code>/ip firewall service-port</code></p>
<p id="shbox"><b>Sub-menu:</b> <code>/ip firewall service-port</code></p>
<br />
<br />
<p>
<p>
Line 78: Line 78:
</p>
</p>


<h2>Protocols and ports</h2>
==Protocols and ports==


Table below shows the list of protocols and ports used by RouterOS.
Table below shows the list of protocols and ports used by RouterOS.
Line 109: Line 109:
<tr>
<tr>
     <td><b>67/udp</b></td>
     <td><b>67/udp</b></td>
     <td>Bootstrap protocol or [[DHCP Server]]</td>
     <td>Bootstrap protocol or [[M:IP/DHCP Server | DHCP Server]]</td>
</tr>
</tr>
<tr>
<tr>
     <td><b>68/udp</b></td>
     <td><b>68/udp</b></td>
     <td>Bootstrap protocol or [[DHCP Client]]</td>
     <td>Bootstrap protocol or [[M:IP/DHCP Client | DHCP Client]]</td>
</tr>
</tr>
<tr>
<tr>
Line 121: Line 121:
<tr>
<tr>
     <td><b>123/udp</b></td>
     <td><b>123/udp</b></td>
     <td>Network Time Protocol ([[Time | NTP]])</td>
     <td>Network Time Protocol ([[M:System/Time | NTP]])</td>
</tr>
</tr>
<tr>
<tr>
Line 129: Line 129:
<tr>
<tr>
     <td><b>179/tcp</b></td>
     <td><b>179/tcp</b></td>
     <td>Border Gateway Protocol ([[BGP]])</td>
     <td>Border Gateway Protocol ([[M:Routing/BGP | BGP]])</td>
</tr>
</tr>
<tr>
<tr>
Line 141: Line 141:
<tr>
<tr>
     <td><b>520/udp<br />521/udp</b></td>
     <td><b>520/udp<br />521/udp</b></td>
     <td>[[RIP]] routing protocol</td>
     <td>[[M:Routing/RIP | RIP]] routing protocol</td>
</tr>
</tr>
<tr>
<tr>
     <td><b>646/udp<br />521/udp</b></td>
     <td><b>646/udp<br />521/udp</b></td>
     <td>[[LDP]] transport session</td>
     <td>[[M:MPLS/LDP | LDP]] transport session</td>
</tr>
</tr>
<tr>
<tr>
     <td><b>646/tcp<br />521/udp</b></td>
     <td><b>646/tcp<br />521/udp</b></td>
     <td>[[LDP]] hello protocol</td>
     <td>[[M:MPLS/LDP | LDP]] hello protocol</td>
</tr>
</tr>
<tr>
<tr>
     <td><b>1080/tcp</b></td>
     <td><b>1080/tcp</b></td>
     <td>[[SOCKS]] proxy protocol</td>
     <td>[[M:IP/SOCKS | SOCKS]] proxy protocol</td>
</tr>
</tr>
<tr>
<tr>
     <td><b>1701/udp</b></td>
     <td><b>1701/udp</b></td>
     <td>Layer 2 Tunnel Protocol ([[L2TP]])</td>
     <td>Layer 2 Tunnel Protocol ([[M:Interface/L2TP | L2TP]])</td>
</tr>
</tr>
<tr>
<tr>
     <td><b>1723/tcp</b></td>
     <td><b>1723/tcp</b></td>
     <td>Point-To-Point Tunneling Protocol ([[PPTP]])</td>
     <td>Point-To-Point Tunneling Protocol ([[M:Interface/PPTP | PPTP]])</td>
</tr>
</tr>
<tr>
<tr>
     <td><b>1900/udp<br />2828/tcp</b></td>
     <td><b>1900/udp<br />2828/tcp</b></td>
     <td>Universal Plug and Play (uPnP)</td>
     <td>Universal Plug and Play ([[M:IP/UPnP | uPnP]])</td>
</tr>
</tr>
<tr>
<tr>
Line 185: Line 185:
<tr>
<tr>
     <td><b>8728/tcp</b></td>
     <td><b>8728/tcp</b></td>
     <td>[[API]]</td>
     <td>[[M:API | API]]</td>
</tr>
</tr>
<tr>
<tr>
Line 197: Line 197:
<tr>
<tr>
     <td><b>/4</b></td>
     <td><b>/4</b></td>
     <td>[[IPIP]] encapsulation</td>
     <td>[[M:Interface/IPIP | IPIP]] encapsulation</td>
</tr>
</tr>
<tr>
<tr>
Line 205: Line 205:
<tr>
<tr>
     <td><b>/47</b></td>
     <td><b>/47</b></td>
     <td>General Routing Encapsulation (GRE) - used for [[PPTP]] and [[EoIP]] tunnels</td>
     <td>General Routing Encapsulation (GRE) - used for [[M:Interface/PPTP | PPTP]] and [[M:Interface/EoIP | EoIP]] tunnels</td>
</tr>
</tr>
<tr>
<tr>
Line 217: Line 217:
<tr>
<tr>
     <td><b>/89</b></td>
     <td><b>/89</b></td>
     <td>[[OSPF]] routing protocol</td>
     <td>[[M:Routing/OSPF | OSPF]] routing protocol</td>
</tr>
</tr>
<tr>
<tr>
     <td><b>/103</b></td>
     <td><b>/103</b></td>
     <td>[[Multicast | IGMP]]</td>
     <td>[[M:Routing | Multicast | IGMP]]</td>
</tr>
</tr>
<tr>
<tr>
     <td><b>/112</b></td>
     <td><b>/112</b></td>
     <td>[[VRRP]]</td>
     <td>[[M:Interface/VRRP | VRRP]]</td>
</tr>
</tr>
</table>
</table>

Revision as of 13:48, 30 April 2010

Applies to RouterOS: v3, v4

Summary

Sub-menu: /ip service


This document lists protocols and ports used by various MikroTik RouterOS services. It helps you to determine why your MikroTik router listens to certain ports, and what you need to block/allow in case you want to prevent or grant access to the certain services. Please see the relevant sections of the Manual for more explanations.


Properties


Note that it is not possible to add new services, only existing service modifications are allowed.

Property Description
address (IP address/netmask; Default: 0.0.0.0/0) IP address from which the service is accessible. Default value is '0.0.0.0/0' - any address.
certificate (name; Default: none) The name of the certificate used by particular service. Applicable only for services that depends on certificates (www-ssl)
name (name; Default: none) Service name
port (integer: 1..65535; Default: ) The port particular service listens on

Service Ports

Sub-menu: /ip firewall service-port


Hosts behind a NAT-enabled router do not have true end-to-end connectivity. Therefore some Internet protocols might not work in scenarios with NAT.
To overcome these limitations RouterOS includes a number of NAT helpers, that enable NAT traversal for various protocols.

Helper Description
FTP FTP service helper
h323 H323 service helper
irc
PPTP PPTP tunneling helper.
SIP
tftp

Protocols and ports

Table below shows the list of protocols and ports used by RouterOS.

Proto/Port Description
20/tcp FTP data connection
21/tcp FTP control connection
23/tcp Secure Shell (SSH) remote Login protocol
23/tcp Telnet protocol
53/tcp
53/udp
DNS
67/udp Bootstrap protocol or DHCP Server
68/udp Bootstrap protocol or DHCP Client
80/tcp World Wide Web HTTP
123/udp Network Time Protocol ( NTP)
161/udp Simple Network Management Protocol (SNMP)
179/tcp Border Gateway Protocol ( BGP)
443/tcp Secure Socket Layer (SSL) encrypted HTTP
500/udp Internet Key Exchange (IKE) protocol
520/udp
521/udp
RIP routing protocol
646/udp
521/udp
LDP transport session
646/tcp
521/udp
LDP hello protocol
1080/tcp SOCKS proxy protocol
1701/udp Layer 2 Tunnel Protocol ( L2TP)
1723/tcp Point-To-Point Tunneling Protocol ( PPTP)
1900/udp
2828/tcp
Universal Plug and Play ( uPnP)
2000/tcp Bandwidth test server
5678/udp Mikrotik Neighbor Discovery Protocol
8080/tcp HTTP Web Proxy
8291/tcp Winbox
8728/tcp API
20561/udp MAC winbox
/1 ICMP
/4 IPIP encapsulation
/41 IPv6 (encapsulation)
/47 General Routing Encapsulation (GRE) - used for PPTP and EoIP tunnels
/50 Encapsulating Security Payload for IPv4 (ESP)
/51 Authentication Header for IPv4 (AH)
/89 OSPF routing protocol
/103 Multicast | IGMP
/112 VRRP