Sunday, 2 October 2011

PORT FORWARDING



Many of us have played multiplayer online games on laptops or PCs, and some of you may even have acted as the server in a few games.
But while enjoying your game, have you ever wondered why a server is needed?
Or what is going on behind your exciting game?
Well, this blog post deals with these hidden activities, which happen all the time in networking.

All this server hosting is possible because of a technical term: “PORT FORWARDING”.
So let’s start from the basics.

Every device on the internet has at least one IP address. The IP address is a number that is used to identify a device.
Every IP address is divided up into many ports. When one computer sends data to another computer, it sends it from a port on one IP address to a port on another IP address. A port can only be used by one program at a time.

The first question that comes to mind is:
  
WHAT ARE PORTS??

A port is an application-specific or process-specific software construct serving as a communications endpoint. A specific port is identified by its number, commonly known as the port number, the IP Address with which it is associated, and the type of transport protocol used for communication.

In general, ports are a software construct and a building block of networking. For two computers to communicate, each one sends data from a port on its own IP address to a port on the other computer's IP address.

How to find your own IP address?

In Windows, just go to the command prompt and type ipconfig. The screenshot shows the IP address of a PC in Windows.



In Linux, go to the terminal and type ifconfig for the IP address (see screenshot):





Each port is given a specific port number which refers to that particular port.
The table lists some of the most commonly used ports.

Port number    Service
20             FTP-Data
21             FTP-Control
22             Telnet
23             SSH
80             HTTP
443            HTTPS



Now let’s understand what PORT FORWARDING means. Just as to forward something means to pass it on to someone, Port Forwarding means forwarding a port to someone.

Now the question arises: who is the "someone" here?
The someone here is another machine or device. This is done 'transparently', meaning that network clients cannot see that Port Forwarding is being done.


When using Port Forwarding the packets that you wish to redirect need to pass through the machine running Router. If you are using Port Forwarding to forward a port on the Router machine to somewhere else, everything will work fine by default. The packets go directly to the Router machine and are then redirected/forwarded.




When using Port Forwarding it is important to keep in mind that Router can only modify packet traffic that passes through the computer running Router.
This is best explained by example. Looking at the diagram above, we have a couple of machines (A and B) on a local area network. They are connected to the internet via a gateway (R). The gateway computer is also running Router. Imagine that we want to port forward traffic to TCP port 80 on machine R to port 80 on another computer on the internet (I). Incidentally, TCP port 80 is usually used by web servers. Packets from the LAN (A and B) would go to port 80 on the gateway (R), and then Router would forward the packets on to their new destination, the machine (I) on the Internet. This would all work as expected.


What wouldn't work is if you tried to use Router to forward a port belonging to machine B. Packets passing through Router would be affected, but the port forward would not affect packets from machine A, because machine A communicates with B directly without going through Router -- they are on the same local network.
This usually means that Router needs to run on a machine that is also acting as a gateway for the local network.
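The forwarding described above, reduced to a user-space TCP relay (an added example, not part of the original post; the function names and the loopback addresses are assumptions made for the demo). The client only ever talks to the relay's port, which is the 'transparent' behaviour the text describes.

```python
import socket
import threading

def pipe(src, dst):
    """Copy bytes src -> dst until src closes, then half-close dst."""
    try:
        while (data := src.recv(4096)):
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass  # peer already gone

def handle(client, target):
    """Relay one accepted connection to the forwarding target."""
    with client, socket.create_connection(target) as upstream:
        t = threading.Thread(target=pipe, args=(client, upstream), daemon=True)
        t.start()
        pipe(upstream, client)
        t.join()

def start_forwarder(listen_addr, target):
    """Listen on listen_addr (machine R) and forward to target (machine I)."""
    srv = socket.create_server(listen_addr)
    def accept_loop():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return  # listener was closed
            threading.Thread(target=handle, args=(conn, target), daemon=True).start()
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv

def demo():
    """Constructed demo on loopback: a one-shot backend plays machine I."""
    backend = socket.create_server(("127.0.0.1", 0))
    def serve_once():
        conn, _ = backend.accept()
        with conn:
            conn.sendall(b"backend got " + conn.recv(1024))
    threading.Thread(target=serve_once, daemon=True).start()
    fwd = start_forwarder(("127.0.0.1", 0), backend.getsockname())
    with socket.create_connection(fwd.getsockname()) as c:
        c.sendall(b"hello")
        reply = b"".join(iter(lambda: c.recv(1024), b""))
    return reply
```

The relay only sees connections that are addressed to its own listening port, which is why traffic sent directly from A to B on the same LAN is never forwarded.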

PORT FORWARDING IN WINDOWS AND LINUX

Port forwarding involves 4 major steps:

1. Know which ports are open.

Only ports that are open can be forwarded. In the command prompt, netstat -an shows the details of the ports that are open, i.e. whose state is “LISTENING” (see snapshot).

In Linux, netstat is also used to check the open ports.

2. Find the IP address of the other computer on which you want to do Port Forwarding.

You may already know the IP address beforehand, or you may send an e-mail to the person to find out the IP address of his/her computer.


3. Forward port on Router

Look at the snapshot which shows the status of the router.






Open the web browser and type the router address. Create a virtual server by clicking on the NAT/Virtual server tab.

Fill in the details. Give any service name of your choice. Enter the protocol (TCP/UDP).
Enter the port numbers to be forwarded and then the IP address to which you want to forward the ports.







4. Configuration of Firewall

Go to “WINDOWS FIREWALL WITH ADVANCED SECURITY” and click on New Rule.




Then select the type of rule (here, a port rule).





Select either TCP or UDP and decide whether the rule applies to specific ports or to all ports.






You can also decide the action you want to perform for the connection (see snapshot).

Enter a name and description and click on FINISH.


CONFIGURATION OF FIREWALL IN LINUX

In Linux, go to the terminal and type the command sudo ufw status to check the status of ufw, the pre-installed firewall in Linux.
You must have administrative rights to alter the values (hence the sudo command).

sudo ufw enable
This command activates the firewall.

To allow a port through the firewall, use the syntax

sudo ufw allow <port number>/<protocol>
For example, see the snapshot:









NOTE: After the port forwarding is done, never leave the ports open, as open ports make your computer prone to hacking and can be used by hackers to access files and documents on your computer.
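One way to act on this note together with step 1: parse the output of netstat -an and list every TCP listener that is reachable from other machines and is not on a list of ports you expect to be open. This is an added example, not part of the original post; the sample output, the port numbers and the function names are constructed for illustration.

```python
import ipaddress

LISTEN_STATES = {"LISTENING", "LISTEN"}  # Windows and Linux spellings

# Constructed sample: Windows-style rows followed by one Linux-style row.
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:25565          0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:49712     203.0.113.5:443        ESTABLISHED
  TCP    [::]:25565             [::]:0                 LISTENING
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
"""

def listening_sockets(netstat_text):
    """Yield (host, port) for every TCP row in a listening state."""
    for line in netstat_text.splitlines():
        tok = line.split()
        if len(tok) < 4 or not tok[0].lower().startswith("tcp"):
            continue  # headers, blank lines, UDP and unix-socket rows
        if tok[-1].upper() not in LISTEN_STATES:
            continue
        # The local address is third from the end in both layouts.
        host, _, port = tok[-3].rpartition(":")
        yield host.strip("[]").split("%")[0], int(port)

def is_loopback(host):
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # unparsable host (e.g. "*") is treated as reachable

def unexpected_listeners(netstat_text, expected_ports):
    """Return sorted (port, host) pairs that are exposed but not expected."""
    found = {(port, host) for host, port in listening_sockets(netstat_text)
             if port not in expected_ports and not is_loopback(host)}
    return sorted(found)

if __name__ == "__main__":
    for port, host in unexpected_listeners(SAMPLE, expected_ports={22}):
        print(f"unexpected listener: {host} port {port}/tcp")
```

Run it against real output by saving netstat -an to a file and passing the file's text in place of SAMPLE; a port that still shows up after the game session is over should have its firewall rule and router forwarding entry removed.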


By:
Mayank Garg(2011065)
Rachit Jain(2011084)
