Re: incoming connection port 80

Erik schrieb:
On 4 mrt, 20:35, "Peter Duniho" <NpOeStPe...@xxxxxxxxxxxxxxxx> wrote:
On Tue, 04 Mar 2008 10:55:05 -0800, Mark Space <marksp...@xxxxxxxxxxxxxx>
wrote:

Erik wrote:
I'm wondering how to accept connections (socket) if you are behind a
router. Skype and
uTorrent can handle this (by using port 80 or 443). How do these
programs manage to accept
connections if ports (accept port 80 and 443) are blocked?
Thanks
Erik
uTorrent is just a Bit Torrent client.
Bit Torrent connects out to a server, it does not accept incoming
connections. Its incoming connections are not low number ports (80 or
443) and have to be specifically enabled on the router/firewall or it
won't work well.
If it doesn't accept incoming connections, then why do its incoming
connections "have to be specifically enabled"? :)

To the original poster: an application that has a listening TCP socket
does indeed require that the router _somehow_ be configured to forward
connection requests to that socket. The two most common techniques
involve manually configuring the router or using the "universal
plug-and-play" protocol (by which a network application can obtain
specific information from the router and/or configure the router to do
specific forwarding).

Many routers support "port triggering", by which the router watches
outbound traffic and if it notes a network client using some particular
port (either locally or, more commonly, in the remote address), it
automatically enables forwarding to that client temporarily on some other
specified port or ports (which may include the original outbound port).
Specifics on this vary from router to router.

You may also want to Google "nat hole punching". It's more reliable when
used with UDP than TCP (different techniques are used with each, and doing
it using TCP requires lower-level access than sockets normally give you),
and in either case it's not 100% reliable as it depends on undocumented,
arbitrary behavior on the part of the router. But depending on how
important it is to solve the problem, it's something you might consider.

Note that if the router has literally "blocked" the ports, then the answer
is "you don't". Typically, the ports are only "blocked" in that the
router doesn't know who to forward the traffic to. This is addressable as
described above. But if someone's actually configured the router to not
allow traffic on those ports to pass, then the only thing that will allow
traffic on those ports through is to reconfigure the router so that it's
no longer blocking traffic on those ports.

Finally note that a "router" is not the same as a "firewall". Sometimes
the two functions are combined into a single device, but a firewall's job
is specifically to block traffic. Either it's blocking traffic on
specific ports or it's not. If it's not, you have nothing to do, and if
it is, nothing you can do short of changing the firewall configuration is
going to unblock the ports. Obviously, changing the firewall
configuration is not something that would be done automatically by a
software client without any user intervention. Otherwise it wouldn't be
much of a firewall. :)

Pete

Thanks for your answer :).

What I'm trying to do is to create a Java applet which can receive an
incoming
connection, so a connection is enstablished between a program and the
applet (which
must be able to accept the connection). Is this possible (to bypass
the router (not the firewall!)) and if it's possible, how?

Thanks

Erik
A standard way would be to use UPnP protocol to open up a port.

Everything else is more sophisticated.. like tricking the router into believing a connection was created .. probably not what you want (hole punching like told above)

As a sidenode port 80 and alike are often used to trick admins/isps that don't work with level-7 filters but just block unwanted traffic by port.
.

Relevant Pages

  • Re: Cisco 760
    ... On the ports you are unsure about below, where it says Router, does it ... I can't think why the router requires Port 80 to allow Port 443 other than a ... Current Configuration ... PAT Multicast Summarization Netbios Spoofing/Left ...
    (microsoft.public.windows.server.sbs)
  • Re: sporatic VPN problem
    ... It looks like it might have been the port count. ... I bleieve the router in the satelite office is a Linksys VPN router but I ... many connections as you're supporting. ...
    (microsoft.public.windows.server.sbs)
  • RE: Fedora core 1 sendmail problems
    ... > know that traffic on port 80 is coming in and out. ... initial posting - the same configuration did run before with RH 7.3 as ... meanwhile done by many provider for dialup connections to pretect agains ... work through port 80 to the Sendmail on your Fedora is running fine. ...
    (Fedora)
  • Re: problem with router---NAT and caching?
    ... > address of a particular machine if that is what is behind the router). ... before redirecting the incoming connections to it. ... I don't see what is strange about port 6000. ...
    (comp.os.vms)
  • Re: Does this work?
    ... As long as you're talking about a LAN-side ethernet port ... ... multiple laptops wirelessly connected to the router be able to print to ... WiFi connections, if it also has wired ethernet ports then it also supports ...
    (uk.comp.homebuilt)