DD-WRT communicating with 80.85.84.49 TCP 5222? [SOLVED]

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions
Author Message
Z1B903
DD-WRT Novice


Joined: 30 Nov 2019
Posts: 1

PostPosted: Sat Nov 30, 2019 16:31    Post subject: DD-WRT communicating with 80.85.84.49 TCP 5222? [SOLVED] Reply with quote
DD-WRT v3.0-r36247 std (06/29/1Cool - My F/W shows my DD-WRT Linksys 1900AC has outbound packets to IP 80.85.84.89, destination TCP port 5222. This IP is a hosting service in the UK. Any reason for this?
Sponsor
Wildlion
DD-WRT Guru


Joined: 24 May 2016
Posts: 925

PostPosted: Sat Nov 30, 2019 16:58    Post subject: Reply with quote
What page are you on? Are you sure it is not a computer connecting through the router?

have you tried blocking it?
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 3963
Location: UK, London, just across the river..

PostPosted: Sat Nov 30, 2019 17:13    Post subject: Re: Why is DD-WRT communicating with 80.85.84.49 TCP 5222? Reply with quote
Z1B903 wrote:
DD-WRT v3.0-r36247 std (06/29/1Cool - My F/W shows my DD-WRT Linksys 1900AC has outbound packets to IP 80.85.84.89, destination TCP port 5222. This IP is a hosting service in the UK. Any reason for this?


how did you capture this packet?
on witch interface?
do you have it...??
do you live in UK???
do we know your firewall set up ??

Typical use of port 5222

port 5222 has been used also for publish-subscribe systems, signalling for VoIP, video, file transfer, gaming, the Internet of Things (IoT) applications such as the smart grid, and social networking services.

you need to revise your internal LAN/WIFI connected devices may be one of them is broadcasting outbound...

also you are running an old build, for more security, consider update, currently there was a lot of work going trough Netfilter and DNSmasq, OpenVPN and so on...

_________________
Atheros
TP-Link WR740Nv1 -----DD-WRT 44538 BS AP,NAT
TP-Link WR740Nv4 -----DD-WRT 44251 BS WAP/Switch
TP-Link WR1043NDv2 ---DD-WRT 44715 BS AP,NAT,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---DD-WRT 44849 BS AP,NAT,AD Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -----DD-WRT 44849 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -----DD-WRT 44849 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,DoT,VPN
-----------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 7450
Location: Texas, USA

PostPosted: Sat Nov 30, 2019 17:51    Post subject: Reply with quote
89.84.85.80.in-addr.arpa domain name pointer li748-89.members.linode.com.

https://www.linode.com/

"INDEPENDENT OPEN CLOUD FOR DEVELOPERS
The Developer’s Cloud Simplified
Simplify your cloud infrastructure with our Linux virtual machines and robust set of tools to develop, deploy, and scale your modern applications faster and easier."

Are you using a cloud account with Linode, perhaps?

_________________
Official Forum Rules, Guidelines, and Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware?
DON'T use Chromium-based browsersRTFM/STFW - TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is?
Please DO NOT PM me with questions; Ask in the forum.

---------------------------------------------------------

Linux User #377467 counter.li.org / linuxcounter.net
gregordinary
DD-WRT Novice


Joined: 21 Jun 2020
Posts: 1

PostPosted: Sun Jun 21, 2020 4:52    Post subject: Re: Why is DD-WRT communicating with 80.85.84.49 TCP 5222? Reply with quote
Z1B903 wrote:
DD-WRT v3.0-r36247 std (06/29/1Cool - My F/W shows my DD-WRT Linksys 1900AC has outbound packets to IP 80.85.84.89, destination TCP port 5222. This IP is a hosting service in the UK. Any reason for this?


I had the same thing on my router as well, same model. Tracked it down to being from the Speed Checker feature.

xmpp.speedcheckerapi.com is hosted at 80.85.84.49. Port 5222 is standard XMPP port.

So it is part of a DD-WRT feature.

To disable:
1. Go to Services > SpeedChecker
2. Click the radio button for Disable.
3. Click Save.

It didn't disappear from my active sessions until I rebooted the router.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum