Which port does Ubuntu Software Center use?

I have installed the gufw firewall utility and want to make a whitelist of ports (want maximum security, but whitelisting single IPs is currently too tedious). I have so far only entered ports 53 (for DNS), 80 (for HTTP) and 443 (for HTTPS), both in- and outgoing, into the whitelist and closed the firewall, but Ubuntu Software Center can install programs without hindrance, whereas the firewall definitely is running (www content won't load when list entries are not present).

Is it using any of these ports for program data transfer? Seems strange to me. Or is there an overriding exception pre-defined in Ubuntu (this is a new setup, 12.04)? What is probably the case here, and what port does the Software Center use for program data (I assume it does use HTTP for the interface and list entries, but the programs themselves?)?

TLDR:

  1. Why does Ubuntu Software Center get through my firewall which blocks all but DNS/HTTP/HTTPS (via blocking all other ports), so that it can install programs?

  2. Which port does it use for the program data transfer?


Solution 1:

Here's what I found out by running Wireshark while installing a single application using the Ubuntu Software Centre:

  • DNS requests (outgoing to UDP port 53 to your configured DNS server, for...) and HTTP (outgoing to TCP port 80 to...)
    • reviews.ubuntu.com
    • myapps.developer.ubuntu.com
    • software-center.ubuntu.com
  • Everything about your local APT configuration (repositories configured). This is usually either HTTP or FTP and requires DNS as well, of course. See your "Software Sources" to see which Ubuntu archive mirror you're using. If you can run sudo apt-get update without errors, you're all set.

Note: I did not find any HTTPS traffic. However, this may be the case for private PPAs (used for commercial software).

Solution 2:

If you block everything except ssh and run apt-get update, it will return both the IPs and ports:

    Err:2 http://archive.canonical.com/ubuntu xenial InRelease
      Could not connect to archive.canonical.com:80 (91.189.92.191). - connect (111: Connection refused) [IP: 91.189.92.191 80]
    Err:3 http://us-east1.gce.archive.ubuntu.com/ubuntu xenial InRelease
      Could not connect to us-east1.gce.archive.ubuntu.com:80 (35.196.129.83). - connect (111: Connection refused) [IP: 35.196.129.83 80]
    Err:4 http://us-east1.gce.archive.ubuntu.com/ubuntu xenial-updates InRelease
      Unable to connect to us-east1.gce.archive.ubuntu.com:http: [IP: 35.196.129.83 80]
    Err:5 http://us-east1.gce.archive.ubuntu.com/ubuntu xenial-backports InRelease
      Unable to connect to us-east1.gce.archive.ubuntu.com:http: [IP: 35.196.129.83 80]
    Err:6 http://security.ubuntu.com/ubuntu xenial-security InRelease
      Could not connect to security.ubuntu.com:80 (91.189.88.162). - connect (111: Connection refused) [IP: 91.189.88.162 80]
    Reading package lists...

It may be better to test on a real console and not a remote terminal. Unplug the LAN cable, run apt update, then check the errors returned.
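To turn the apt-get update errors from Solution 2 into the port/host whitelist the question asks about, here is an added example (not from the answer above) that parses the "[IP: addr port]" detail lines and emits outbound ufw allow rules. The sample text is a constructed subset of the output quoted above; the rule syntax assumes a recent ufw and is an illustration, not the answerer's procedure.

```python
import re

# Constructed sample: a subset of the apt-get update errors quoted in the answer
SAMPLE_APT_OUTPUT = """\
Err:2 http://archive.canonical.com/ubuntu xenial InRelease
  Could not connect to archive.canonical.com:80 (91.189.92.191). - connect (111: Connection refused) [IP: 91.189.92.191 80]
Err:3 http://us-east1.gce.archive.ubuntu.com/ubuntu xenial InRelease
  Could not connect to us-east1.gce.archive.ubuntu.com:80 (35.196.129.83). - connect (111: Connection refused) [IP: 35.196.129.83 80]
Err:4 http://us-east1.gce.archive.ubuntu.com/ubuntu xenial-updates InRelease
  Unable to connect to us-east1.gce.archive.ubuntu.com:http: [IP: 35.196.129.83 80]
Err:6 http://security.ubuntu.com/ubuntu xenial-security InRelease
  Could not connect to security.ubuntu.com:80 (91.189.88.162). - connect (111: Connection refused) [IP: 91.189.88.162 80]
Reading package lists...
"""

# "Err:N <scheme>://<host>/..." names the repository; the detail line that
# follows carries the resolved address and port as "[IP: <addr> <port>]".
ERR_LINE = re.compile(r"^Err:\d+\s+(?P<scheme>\w+)://(?P<host>[^/\s]+)")
IP_PORT = re.compile(r"\[IP:\s*(?P<ip>[0-9a-fA-F.:]+)\s+(?P<port>\d+)\]")


def parse_apt_errors(text):
    """Return a sorted list of unique (host, ip, port) tuples apt failed to reach."""
    endpoints = set()
    host = None
    for line in text.splitlines():
        m = ERR_LINE.match(line)
        if m:
            host = m.group("host")
            continue
        m = IP_PORT.search(line)
        if m and host:
            endpoints.add((host, m.group("ip"), int(m.group("port"))))
    return sorted(endpoints)


def ufw_allow_rules(endpoints):
    """Translate endpoints into outbound ufw allow rules, one per IP/port.

    Mirrors are round-robin and their addresses change, so IP-pinned rules are
    brittle; allowing TCP 80/443 outbound is the usual practical alternative.
    """
    return [
        f"ufw allow out to {ip} port {port} proto tcp  # {host}"
        for host, ip, port in endpoints
    ]


if __name__ == "__main__":
    for rule in ufw_allow_rules(parse_apt_errors(SAMPLE_APT_OUTPUT)):
        print(rule)
```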