+ Reply to Thread
Results 1 to 3 of 3
  1. Member
    Join Date
    May 2007
    Posts
    59
    #1

    Default Packet Filtering Confusion

    Hi,

    I get confused with source and destination ports, does anyone know of a website that explains this clearly?

    Chris.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #2
    The source port is the port that is used on the machine sending the data. The destination port is the target port of the recipient machine. What are you having a hard time with?
    Reply With Quote Quote  

  4. New Member royal's Avatar
    Join Date
    Jul 2006
    Location
    Chicago, IL
    Posts
    3,373
    #3
    Perhaps this will help.

    So here's an example in netstat:

    TCP 192.168.1.109:53542 207.68.183.124:http ESTABLISHED

    192.168.1.109 is the IP address of my machine. Please, don't hack me!

    On a more serious note...

    As you can see, 53542 is a randomly used port to send data to a destination of 207.68.183.124 over the http (80) protocol. The way this works is through NAT Overloading (PAT). So essentially, the reason why we have a source port is as follows:

    The sending computer sends with:
    Source: 192.168.1.109:53542
    Destination: 207.68.183.124:http (port 80)

    The packet hits the router
    The router changes the source IP to the public IP of the router (lets say 1.2.3.4)
    The destination receives the packet

    The destination computer then sends data back with:
    Source: 207.68.183.124
    Destination: 1.2.3.4:53542

    You can now probably see why we use source ports vs destination port. The packet contains the original source port. When the http server (207.68.183.124) received the packet, it knows the packet originally used a source port of 53542 so when it responds to the public router of the original sender using port 53542, the router of the original sender knows to send it back to the system that originally sent the data over 53542 by using its' NAT table.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks