In Belgium, there are 2 major ISPs: Telenet and Belgacom (Skynet). None of them allows you to run servers on your home DSL connection, but only Telenet enforced this by simply blocking all incoming TCP requests on the low ports.
I regularly connect to my home server over SSH from all over the world to access my files, mail, photos, …. Since not every network I encounter allows outgoing 22/TCP connections, I also listen on 80/TCP and 443/TCP for SSH connections. This setting allowed me to connect home from pretty much every network.
However, since somewhere this weekend, Belgacom started to filter incomming connections. My last successful attempt was around 2009-10-31T00:10+0100. When trying this again today around 16:00+0100, the connection was filtered. Contrary to Telenet, Belgacom has the decency to reply with an “ICMP Administratively Prohibited” message. A quick port-scan showed that the following ports are being filtered:
- 23/tcp (telnet)
- 80/tcp (http)
- 443/tcp (https)
- 992/tcp (telnets)
- 8023/tcp (unknown)
- 8085/tcp (unknown)
- 8443/tcp (https-alt)
Connecting to home has just become more difficult… Guess I’ll start using IP over DNS…
Found another blog describing this issue (in Dutch). Rumor has it that Belgacom will offer an opt-out of this filtering.
The filtering of port 23, 80 and 443 can be disabled by surfing to the Belgacom e-service site and opting for “Basic Security” under “mijn internet – mijn opties”.