Opening Specific Ports
[1/18] from: mattsmac::hotmail::com at: 10-Nov-2003 8:53
How can I control what port (on the client side) gets opened when connecting
to a TCP server? I know you can control which port on the server it
connects to, but not where it connects from.
Matt
[2/18] from: petr:krenzelok:trz:cz at: 10-Nov-2003 15:20
Matt MacDonald wrote:
>How can I control what port (on the client side) gets opened when connecting
>to a TCP server? I know you can control which port on the server it
<<quoted lines omitted: 3>>
console 1:
    server: open tcp://:9005
    conn: first wait server
console 2:
    client: open tcp://172.0.0.1:9005
    probe client
watch for following object words:
    local-port: 1786
    remote-port: 9005
HTH,
-pekr-
[3/18] from: mattsmac:hotm:ail at: 10-Nov-2003 9:35
I understand how to do that, but what I want to do is have the client
computer connect to a server port (in your case 9005) and also control what
port the client uses to make that connection. For instance say something
like:
server:
    l: open tcp://:9005
    s: first l
client:
    c: open tcp://:(ip-address):9005 on 8005
So that I know that the client computer will always be opening port 8005 to
connect to port 9005 on the server.
Matt
[4/18] from: mattsmac:ho:tmail at: 10-Nov-2003 13:35
Anybody else have any thoughts on this? Or is this an impossibility?
Matt
[5/18] from: tomc:darkwing:uoregon at: 10-Nov-2003 12:20
On Mon, 10 Nov 2003, Matt MacDonald wrote:
> Anybody else have any thoughts on this? Or is this an impossibility?
>
> Matt
I will not claim impossible, but can guarantee it could not work in
some cases. Specifically when the client is already using the port you
specify.
[6/18] from: mattsmac:hotmai:l at: 10-Nov-2003 15:46
I realize this, but I still need to know how to do it. I can handle any
conflicts that arise, I just need to know the code to make it happen.
Matt
[7/18] from: tomc:darkwing:uoregon at: 10-Nov-2003 21:41
Hi Matt,
First off I have to say I am not a network pro by any means,
but what I think I hear you saying you want to do
sounds a lot like the FTP protocol.
server listens
client connects ;this will be the control port
client opens local "Port Of Choose" ; say 8005
client sends server the "Port Of Choose" number
server connects to client:8005
server inserts whatever into client:POC
client is happy
[8/18] from: mattsmac:hot:mail at: 11-Nov-2003 8:10
No, basically, if you have a server running, say on port 8000 and you
connect to it via a client the client will connect on a random local port to
that remote port. Doing a probe on the connection verifies this. What I
want to do is have the client connect via a specified port, so that if you
do a probe on the client connection it will look something like:
    local-ip: <client's IP Address>
    remote-ip: <server's IP Address>
    local-port: 9000
    remote-port: 8000
So that I can have some control on how the client connects to the server
Matt
[9/18] from: antonr:iinet:au at: 12-Nov-2003 0:41
I don't think I have ever seen this mentioned
on this list. That's not to say it can't be done.
How about: keep rejecting connections until the
right port number comes along? :)
Anton.
[10/18] from: mattsmac:hotm:ail at: 11-Nov-2003 8:56
Somehow I don't think that would be very efficient, but thanks all the same.
Matt
[11/18] from: greggirwin:mindspring at: 11-Nov-2003 9:28
Hi Matt,
MM> Somehow I don't think that would be very efficient, but thanks all the same.
I think he knew that. :) Anyway, I haven't jumped in on this since
it's not my area of expertise but, with the caveat that the socket
stuff I've read and written says you really don't want to do this in
most cases...
port-id: 2727
port: make system/standard/port [
    scheme: 'tcp
    port-id: port-id
    handler: Root-Protocol ;???
    ;... whatever else you might need to do
]
Again, having not done this from REBOL, I can't say for sure if this
will work, though trying it will be easier than using WinSock directly
from REBOL. :)
-- Gregg
[12/18] from: mattsmac:hotma:il at: 11-Nov-2003 12:07
Nope, doesn't work, but thanks anyway Gregg. Even if I explicitly define
the local-port (on the client side) to be 2727 let's say, it still defaults
to that random port number.
Matt
[13/18] from: greggirwin:mindspring at: 11-Nov-2003 10:46
Hi Matt,
MM> Nope, doesn't work, but thanks anyway Gregg. Even if I explicitly define
MM> the local-port (on the client side) to be 2727 let's say, it still defaults
MM> to that random port number.
Well, too bad we can't seem to override it, but at least they're doing
what's recommended. One of the tricky things when you BIND your own
port is what to do if you have multiple instances of things and such.
-- Gregg
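The bind-before-connect behaviour discussed in this thread, shown as an added example that is not part of any poster's message and is not REBOL code: plain BSD sockets in Python pin the client's source port, and a second instance asking for the same port is refused. The helper names (`free_port`, `connect_from`, `demo`) and the loopback setup are assumptions made for the illustration.

```python
import errno
import socket

LOOPBACK = "127.0.0.1"  # constructed test setup: everything runs on one host

def free_port():
    """Hypothetical helper: ask the OS for a TCP port that is unused right now."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((LOOPBACK, 0))
        return s.getsockname()[1]

def connect_from(local_port, server_addr):
    """Connect to server_addr with the client's source port pinned to local_port."""
    c = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        c.bind((LOOPBACK, local_port))  # bind() before connect() fixes the local port
        c.connect(server_addr)
    except OSError:
        c.close()
        raise
    return c

def demo():
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind((LOOPBACK, 0))        # server side: any free port
    listener.listen(2)
    server_addr = listener.getsockname()
    wanted = free_port()
    client = connect_from(wanted, server_addr)
    conn, peer = listener.accept()
    try:
        # A second instance asking for the same source port while the first
        # connection is still open: the conflict raised earlier in the thread.
        connect_from(wanted, server_addr).close()
        conflict = False
    except OSError as e:
        conflict = e.errno == errno.EADDRINUSE
    result = {
        "requested": wanted,
        "client_local_port": client.getsockname()[1],
        "server_saw_port": peer[1],
        "second_instance_refused": conflict,
    }
    for s in (conn, client, listener):
        s.close()
    return result

if __name__ == "__main__":
    print(demo())
```

After the client closes such a connection, the same local port can stay in TIME_WAIT for a while, so an immediate reconnect from that port may fail as well.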
[14/18] from: mattsmac:hotm:ail at: 11-Nov-2003 14:38
Yeah, I'm sure it's usually a better idea to not bind the ports, but here is
my issue:
I'm making a client software for other users. I need to somehow limit the
ports that rebol will try to open on their computers so that their company
firewalls can be configured to allow access over those ports. Or am I going
about it the wrong way? Any networking gurus out there?
[15/18] from: joel:neely:fedex at: 11-Nov-2003 15:18
Hi, Matt,
I claim no guruhood re networking, but...
IIRC, firewall rules can take both origin and destination ports into
account. Could they use a rule that allows any client-side port, as
long as it is attempting to connect to a specified server/port where
the authorized service is available?
-jn-
Matt MacDonald wrote:
> I'm making a client software for other users. I need to somehow limit the
> ports that rebol will try to open on their computers so that their company
> firewalls can be configured to allow access over those ports. Or am I going
> about it the wrong way? Any networking gurus out there?
>
--
----------------------------------------------------------------------
Joel Neely joelDOTneelyATfedexDOTcom 901-263-4446
Enron Accountingg in a Nutshell: 1c=$0.01=($0.10)**2=(10c)**2=100c=$1
[16/18] from: antonr:iinet:au at: 12-Nov-2003 18:45
Yeah, I think it's not a big issue.
I think when you connect to a web server on port 80,
that's port 80 on the *server* computer side.
Who cares which port your client machine connects to
it with. You could have ten programs, each making requests
on different ports to the same port 80 web server.
Firewall rules (on client) just classify that as an
outgoing connection on port 80. It means "*to* port 80".
I could be wrong, but that's my impression.
Anton.
[17/18] from: g:santilli:tiscalinet:it at: 12-Nov-2003 10:06
Hi Matt,
On Tuesday, November 11, 2003, 8:38:49 PM, you wrote:
MM> I'm making a client software for other users. I need to somehow limit the
MM> ports that rebol will try to open on their computers so that their company
MM> firewalls can be configured to allow access over those ports. Or am I going
MM> about it the wrong way? Any networking gurus out there?
The port from which you are making the connection is not important
for the firewall configuration, unless the firewall is braindead.
What you usually tell the firewall is "allow users to connect
to these ports on these hosts".
The feature you request is only important in rare cases; one of
these is if you are writing an FTP server and need to support the
active mode, where the server connects to the client from port 20.
Regards,
Gabriele.
--
Gabriele Santilli <[g--santilli--tiscalinet--it]> -- REBOL Programmer
Amiga Group Italia sez. L'Aquila --- SOON: http://www.rebol.it/
[18/18] from: antonr:iinet:au at: 13-Nov-2003 13:17
Yes, in this case you have *two* connections, and so,
four ports. But you only care about the server-side
port numbers. In FTP, the ftp server acts first as
a server, but when a client requests information,
the server connects back to the client as a "client".
Other programs like peer-to-peer file-sharing programs
also have two sets of ports in the specifications.
That's because they also make connections as a client
and as a server.
You might see written in the settings: "client ports xxx - yyy".
That actually means "clients connect to me on my ports xxx - yyy".
It isn't the client-side port number at all being referred
to.
Anton.
Notes
- Quoted lines have been omitted from some messages.
View the message alone to see the lines that have been omitted