GL-AX1800 - Open ports not showing in GUI

mrg9999 · February 4, 2024, 8:54am

I viewed my firewall and I have very few inbound ports showing in the GUI

But when I portscannned it from outside I found 443 open
and when I view /etc/firewall

config rule ‘glservice_https’
257 option name ‘glservice_https’
258 option dest_port ‘443’
259 option proto ‘tcp udp’
260 option src ‘wan’
261 option target ‘ACCEPT’
262 option enabled ‘1’

and
config rule ‘https_wan’
286 option src ‘wan’
287 option proto ‘tcp’
288 option dest_port ‘443’
289 option target ‘ACCEPT’

I take them out and reload the firewall with
/etc/init.d/firewall reload

And then there are no open ports on a scan.

Q. Why didn’t there ports appear in the GUI?

admon · February 4, 2024, 8:59am

To not confuse users because there are a few ones to allow different features - and not all of them are about WAN. Most firewall rules are enabled / disabled based on features: For disabling HTTPS on WAN, for example, you can use the GUI System > Security > Remote Access Control

The GUI will only show rules that start with “GL-” in name. (And the GL- part won’t show)

You can use luci as well to modify advanced firewall rules.

mrg9999 · February 4, 2024, 9:08am

Thanks
I’m using Admin 4.5.0

I admit I didn’t look in the security section as thought it was about passwords etc. I’m a bit of a command line monkey, thanks.
I like to use my own high ports for things like inbound services.

Can I ask a supplementary question?
Is there an (easy) way to add 2factor authentication to the web based login using say Authy or Google Authenticator. What I tend to do is have a secure remote access server I connect to first with XRDP and then ssh / http browse from there and would like to simpligy my life a bit.

admon · February 4, 2024, 9:19am

No, this feature is currently not available.

mrg9999 · February 4, 2024, 9:24am

No problem. I’m wary of messing about with the OS.