Alozaros
DD-WRT Guru
Joined: 16 Nov 2015
Posts: 6446
Location: UK, London, just across the river..
|
 Posted: Sat Nov 30, 2019 17:13 Post subject: Re: Why is DD-WRT communicating with 80.85.84.49 TCP 5222? |
 |
| Z1B903 wrote: | DD-WRT v3.0-r36247 std (06/29/1 - My F/W shows my DD-WRT Linksys 1900AC has outbound packets to IP 80.85.84.89, destination TCP port 5222. This IP is a hosting service in the UK. Any reason for this? |
how did you capture this packet?
on witch interface?
do you have it...??
do you live in UK???
do we know your firewall set up ??
Typical use of port 5222
port 5222 has been used also for publish-subscribe systems, signalling for VoIP, video, file transfer, gaming, the Internet of Things (IoT) applications such as the smart grid, and social networking services.
you need to revise your internal LAN/WIFI connected devices may be one of them is broadcasting outbound...
also you are running an old build, for more security, consider update, currently there was a lot of work going trough Netfilter and DNSmasq, OpenVPN and so on...
_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913 |
|
kernel-panic69
DD-WRT Guru
Joined: 08 May 2018
Posts: 14243
Location: Texas, USA
|
| Posted: Sat Nov 30, 2019 17:51 Post subject: |
|
89.84.85.80.in-addr.arpa domain name pointer li748-89.members.linode.com.
https://www.linode.com/
"INDEPENDENT OPEN CLOUD FOR DEVELOPERS
The Developer’s Cloud Simplified
Simplify your cloud infrastructure with our Linux virtual machines and robust set of tools to develop, deploy, and scale your modern applications faster and easier."
Are you using a cloud account with Linode, perhaps?
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net |
|
gregordinary
DD-WRT Novice
Joined: 21 Jun 2020
Posts: 1
|
| Posted: Sun Jun 21, 2020 4:52 Post subject: Re: Why is DD-WRT communicating with 80.85.84.49 TCP 5222? |
|
| Z1B903 wrote: | | DD-WRT v3.0-r36247 std (06/29/1 - My F/W shows my DD-WRT Linksys 1900AC has outbound packets to IP 80.85.84.89, destination TCP port 5222. This IP is a hosting service in the UK. Any reason for this? |
I had the same thing on my router as well, same model. Tracked it down to being from the Speed Checker feature.
xmpp.speedcheckerapi.com is hosted at 80.85.84.49. Port 5222 is standard XMPP port.
So it is part of a DD-WRT feature.
To disable:
1. Go to Services > SpeedChecker
2. Click the radio button for Disable.
3. Click Save.
It didn't disappear from my active sessions until I rebooted the router. |
|
