I understand that an application connects to another PC in the network
by calling its IP address and the port # of the application it wants
to communicate with.
When I watch the procedure using the "netstat" command, I notice that
the server's port #, which is called by the client, is always the
same. What puzzles me is that the client uses different port #s. Each
time I close the TCP connection and re-establish it, the client uses a
different port #. The IP stack seems to assign a new port for each new
connection.
So how can I filter frames of an application if the port # changes
each time the connection is being made?
Is it enough to indicate the server application's port # as a filter
criterion?
Is it possible to force the client application to use a specific port
#?
Thanks for any hint!
Mathias...
>I have a question concerning packet filtering.
>
>I understand that an application connects to another PC in the network
>by calling its IP address and the port # of the application it wants
>to communicate with.
>
>When I watch the procedure using the "netstat" command, I notice that
>the server's port #, which is called by the client, is always the
>same. What puzzles me is that the client uses different port #s.
this is to ensure local uniqueness of connection
>Each
>time I close the TCP connection and re-establish it, the client uses a
>different port #. The IP stack seems to assign a new port for each new
>connection.
this is standard
>So how can I filter frames of an application if the port # changes
>each time the connection is being made?
filter on source IP, destination IP and destination port
>Is it enough to indicate the server application's port # as a filter
>criterion?
it depends
>Is it possible to force the client application to use a specific port
>#?
it would be undesirable :(
--
richard @ highwayman . com "Nothing seems the same
Still you never see the change from day to day
And no-one notices the customs slip away"
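
The filter suggested in the reply above (source IP, destination IP, destination port, with the client port left as a wildcard), compared with a port-only filter. This is an added example, not part of the original thread; the addresses, the port number 5000 and the packet records are constructed, and the reverse-direction match for server replies is an addition that goes beyond the one-line rule in the reply.

```python
from collections import namedtuple

# Constructed sample traffic; addresses come from the RFC 5737 documentation range.
Packet = namedtuple("Packet", "src_ip src_port dst_ip dst_port")

CLIENT, SERVER, OTHER = "192.0.2.10", "192.0.2.20", "192.0.2.30"
APP_PORT = 5000  # assumed fixed listening port of the server application

PACKETS = [
    Packet(CLIENT, 49152, SERVER, APP_PORT),  # first connection, client to server
    Packet(SERVER, APP_PORT, CLIENT, 49152),  # server reply on that connection
    Packet(CLIENT, 49153, SERVER, APP_PORT),  # reconnect: new ephemeral client port
    Packet(SERVER, APP_PORT, CLIENT, 49153),
    Packet(CLIENT, 49154, SERVER, 22),        # same hosts, different service
    Packet(OTHER, 50001, SERVER, APP_PORT),   # different client, same service
    Packet(OTHER, APP_PORT, CLIENT, 8080),    # unrelated flow whose source port is 5000
]

def match_flow(pkt, client_ip, server_ip, server_port):
    """Match one client's traffic to one service, in both directions.

    The client port is never compared, so reconnects keep matching.
    """
    forward = (pkt.src_ip == client_ip and pkt.dst_ip == server_ip
               and pkt.dst_port == server_port)
    reverse = (pkt.src_ip == server_ip and pkt.src_port == server_port
               and pkt.dst_ip == client_ip)
    return forward or reverse

def match_port_only(pkt, server_port):
    """Filter on the port number alone, in either field."""
    return server_port in (pkt.src_port, pkt.dst_port)

def select(packets, predicate):
    return [p for p in packets if predicate(p)]

def ephemeral_ports(packets, client_ip, server_ip, server_port):
    """Client-side ports seen on connections to the service."""
    return sorted({p.src_port for p in packets
                   if p.src_ip == client_ip and p.dst_ip == server_ip
                   and p.dst_port == server_port})

if __name__ == "__main__":
    flow = select(PACKETS, lambda p: match_flow(p, CLIENT, SERVER, APP_PORT))
    loose = select(PACKETS, lambda p: match_port_only(p, APP_PORT))
    print("client ports used:", ephemeral_ports(PACKETS, CLIENT, SERVER, APP_PORT))
    print("3-field filter matched", len(flow), "packets; port-only matched", len(loose))
```

The port-only filter also picks up the other client and the unrelated flow that happens to use 5000 as a source port, so it is enough only when those cannot occur on the monitored segment.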