Alozaros DD-WRT Guru
Joined: 16 Nov 2015 Posts: 6446 Location: UK, London, just across the river..
|
Posted: Sat Nov 30, 2019 17:13 Post subject: Re: Why is DD-WRT communicating with 80.85.84.49 TCP 5222? |
|
Z1B903 wrote: | DD-WRT v3.0-r36247 std (06/29/1 - My F/W shows my DD-WRT Linksys 1900AC has outbound packets to IP 80.85.84.89, destination TCP port 5222. This IP is a hosting service in the UK. Any reason for this? |
how did you capture this packet?
on witch interface?
do you have it...??
do you live in UK???
do we know your firewall set up ??
Typical use of port 5222
port 5222 has been used also for publish-subscribe systems, signalling for VoIP, video, file transfer, gaming, the Internet of Things (IoT) applications such as the smart grid, and social networking services.
you need to revise your internal LAN/WIFI connected devices may be one of them is broadcasting outbound...
also you are running an old build, for more security, consider update, currently there was a lot of work going trough Netfilter and DNSmasq, OpenVPN and so on... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913 |
|
kernel-panic69 DD-WRT Guru
Joined: 08 May 2018 Posts: 14243 Location: Texas, USA
|
Posted: Sat Nov 30, 2019 17:51 Post subject: |
|
89.84.85.80.in-addr.arpa domain name pointer li748-89.members.linode.com.
https://www.linode.com/
"INDEPENDENT OPEN CLOUD FOR DEVELOPERS
The Developer’s Cloud Simplified
Simplify your cloud infrastructure with our Linux virtual machines and robust set of tools to develop, deploy, and scale your modern applications faster and easier."
Are you using a cloud account with Linode, perhaps? _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net |
|
gregordinary DD-WRT Novice
Joined: 21 Jun 2020 Posts: 1
|
Posted: Sun Jun 21, 2020 4:52 Post subject: Re: Why is DD-WRT communicating with 80.85.84.49 TCP 5222? |
|
Z1B903 wrote: | DD-WRT v3.0-r36247 std (06/29/1 - My F/W shows my DD-WRT Linksys 1900AC has outbound packets to IP 80.85.84.89, destination TCP port 5222. This IP is a hosting service in the UK. Any reason for this? |
I had the same thing on my router as well, same model. Tracked it down to being from the Speed Checker feature.
xmpp.speedcheckerapi.com is hosted at 80.85.84.49. Port 5222 is standard XMPP port.
So it is part of a DD-WRT feature.
To disable:
1. Go to Services > SpeedChecker
2. Click the radio button for Disable.
3. Click Save.
It didn't disappear from my active sessions until I rebooted the router. |
|