0

I'm copying files via the program Bvckup to a Windows share.

From a Wireshark capture, I see that the operation uses TCP port 445 and SMB2 port 64663.

I want to make a firewall rule, but I am uncertain if the port 64663 is a random port.

Does anybody know which ports/range I should open?

MojoDK
  • Port 64663 is a dynamic port, but SMB doesn't use it. Bvckup must be creating it. – harrymc Apr 23 '22 at 09:53
  • You would allow inbound traffic on the client from from on TCP 137, 139, 445 and UDP 137, 138 and outbound traffic to . – JW0914 Apr 23 '22 at 11:44
  • Port 137 (UDP exclusively) is for LAN hostname lookups using NetBIOS – not part of SMB2 (and not needed if you're using DNS or mDNS anyway). Port 138 is for datagram-based services, which SMB is not (and doesn't rely on any such services); there were a few programs that used 138 but they all have completely disappeared by now (like Messenger/Winpopup). Only port 139 is an actual SMB port, but still from the SMBv1+NetBIOS era – even SMBv1 clients newer than Win98 will prefer 445 over 139, and SMBv2/v3 is pretty much exclusively port 445. – u1686_grawity Apr 23 '22 at 13:15

1 Answer

2

Each TCP connection involves two ports – a specific port on the server side, a random (ephemeral) port on the client side. You never write firewall rules to match the latter, only the former.

On the server side, SMB2 uses port 445. (SMBDirect with RDMA may use port 5445.)

On the client side, there is no specific port assigned – like almost any other TCP-based protocol, a random port is allocated uniquely for each connection (from the OS-configured "ephemeral port" range).

u1686_grawity
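The behaviour described in the answer above can be observed on any machine with the following added example, which is not part of the original answer. It assumes a loopback listener on an OS-chosen port as a stand-in for the server's port 445; the function names are hypothetical.

```python
import socket

def observe_connections(n=4):
    """Open n simultaneous TCP connections to one loopback listener.

    Returns (server_port, flows); each flow records the ports of one connection.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.settimeout(5)
    # Assumption: port 0 lets the OS pick a free port for this demo listener;
    # it stands in for the fixed port 445 of a real SMB server.
    srv.bind(("127.0.0.1", 0))
    srv.listen(n)
    server_port = srv.getsockname()[1]
    open_socks, flows = [srv], []
    try:
        for _ in range(n):
            client = socket.create_connection(("127.0.0.1", server_port), timeout=5)
            accepted, peer = srv.accept()
            open_socks += [client, accepted]
            flows.append({
                "client_port": client.getsockname()[1],  # chosen by the OS per connection
                "server_port": client.getpeername()[1],  # the listener's port
                "peer_seen_by_server": peer[1],          # same value as client_port
            })
    finally:
        for s in open_socks:
            s.close()
    return server_port, flows

def port_to_match(flows):
    """Return the one port that is identical on every flow, i.e. the rule's port."""
    server_ports = {f["server_port"] for f in flows}
    if len(server_ports) != 1:
        raise ValueError("flows do not share a single server port")
    return server_ports.pop()

if __name__ == "__main__":
    server_port, flows = observe_connections()
    for f in flows:
        print(f"client {f['client_port']} -> server {f['server_port']}")
    print("firewall rule matches destination port", port_to_match(flows))
```

Every connection shows a different client port and the same server port, which is why only the server-side port is usable in a firewall rule.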