CSF Firewall Ports question - What ports are needed and what can I remove?


So I have CSF installed on QuickBox Pro and seems to be all working fine.
But do have a question about the following ports that are listed in: I got the below info from: https://github.com/QuickBox/QB/blob/master/setup/templates/csf.conf.template

Does anyone know what the below Ports are used for?
3000, 3443, 5050, 8888

Full list of ports from github link above

# Allow incoming TCP ports
TCP_IN = "22,25,53,80,110,143,443,465,587,993,995,3000,3443,4040,4242,4747,5757,5050,8000,8081,8181,8384,8888,8989,9117,20000:61000,65080"

# Allow outgoing TCP ports
TCP_OUT = "22,25,53,80,110,113,443,587,993,995,3000,3443,4040,4242,4747,5757,5050,8000,8081,8181,8384,8888,8989,9117,20000:61000,65080"

# Allow incoming UDP ports
UDP_IN = "22,53,3000,3443,4040,4242,4747,5757,5050,8000,8081,8181,8384,8888,8989,9117,20000:61000,65080"

# Allow outgoing UDP ports
# To allow outgoing traceroute add 33434:33523 to this list
UDP_OUT = "22,53,113,123,3000,3443,4040,4242,4747,5757,5050,8000,8081,8181,8384,8888,8989,9117,20000:61000,65080"

I have been able to workout most of the ports from doing a Googling, which I have listed below:
22 = SSH
25 = SMTP
53 = DNS
80 = HTTP
110 = POP3
113 = Ident / Auth
123 = NTP
143 = IMAP
443 = HTTPS
465 = SMTP over TLS/SSL
587 = SMTP
993 = IMAP over TLS/SSL
995 = POP3 over TLS/SSL
4040 = Subsonic
4242 = Quassel
4747 = SSH
5757 = FTP
8000 = pyLoad
8081 = SickGear, SickChill, Medusa
8181 = Tautulli, Headphones
8384 = Syncthing
8989 = Sonarr
9117 = Jackett


Hey there @GazCBG!

Check out this Knowledge Base article for install locations as well as ports.

8888 = Resillio Sync (btsync)
3000 = Flood (but now it uses a range as it’s multiple-user friendly)
3443 = Deprecated
5050 = CouchPotato (but now it uses a range as it’s multiple-user friendly)

Keep in mind that the CSF package is no longer “officially” supported and has been removed from Pro. So if you have it installed, you’re porting it over from Community. There are some items in there that are no longer relevant.

1 Like

Hi @JMSolo

Thanks for the reply and the link :slight_smile:

I did a manual install of CSF and only copied the ports over, on my test server, as I have used it before in hosting and various other projects I have done, so am familiar with it.

Thanks again :slight_smile:


Ah perfect then!

CSF is something I plan on porting back over to Pro after I get a chance to fine-tune it a bit more. Giving the option between Fail2ban and CSF is desirable as there are some that would rather use CSF.


1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.