Port forwarding is the behind-the-scenes process of intercepting traffic addressed to one IP address/port combination and redirecting it to a different IP address and/or port. The redirection is usually performed by an intermediate device such as a router, firewall or proxy server, although a program running on the destination host itself can also do it. The sender is unaware of the redirection: it only ever addresses the gateway, yet its request still reaches the service that ultimately handles it.

Playing with Packets:-

It all starts with the packets that are created when you send a request over the Internet. Normally a router examines the header of an IP packet and sends it out of the appropriate interface toward the destination address recorded in that header. With port forwarding, the intercepting application (or device) reads the packet header, notes the destination, rewrites the destination fields and sends the packet on to a different host from the one originally addressed. That secondary destination may be a different IP address, a different port, or a different combination of the two, and the return traffic is translated back the same way so that the sender sees a consistent peer.

Need for Port-forwarding:-

Port forwarding allows remote computers (for example, computers on the Internet) to connect to a specific computer or service within a private local-area network (LAN). In a typical residential network, nodes obtain Internet access through a DSL or cable router that performs network address translation (NAT/NAPT). Hosts on the private network are connected to an Ethernet switch or communicate over a wireless LAN. The NAT device's external interface is configured with a public IP address. The computers behind the router, on the other hand, are not directly reachable from the Internet: each has only a private IP address that is not routed on the public Internet, and without an explicit forwarding rule the gateway drops unsolicited inbound connections.

When configuring port forwarding, the network administrator sets aside one port number on the gateway for the exclusive use of communicating with a service in the private network, located on a specific host. External hosts must know this port number and the address of the gateway to reach the network-internal service. The gateway port need not match the service's own port: a service listening on a well-known port inside the private network (SSH on 22, for example) is often exposed on a different, non-standard external port.

Typical applications include the following:

* Running a public HTTP server within a private LAN.

* Permitting Secure Shell access to a host on the private LAN from the Internet.

* Permitting FTP access to a host on the private LAN from the Internet.

* Running a publicly available game server within a private LAN.

Administrators configure port forwarding in the gateway's operating system. On Linux this is done with packet-filter rules in the netfilter framework, managed with iptables or nftables. BSD and macOS implement it in the IP firewall (ipfw) module or, on newer releases, in pf.

When used on a gateway device, a port forward may be implemented with a single rule that translates the destination address and port (on Linux, a DNAT rule in the nat table's PREROUTING chain). The source address and port are left unchanged, so the internal host sees the real client address. This works only because the gateway also sits on the reply path. When the translating machine is not the network's default gateway, the source address must be rewritten to the translator's own address as well (SNAT or masquerading); otherwise the internal host replies directly to the client, the reply bypasses the translator, and the connection fails.

When a port forward is implemented by a proxy process (as on application-layer firewalls, SOCKS-based firewalls, or TCP circuit proxies), no packets are actually translated: the proxy terminates the client's connection, opens a second connection of its own to the internal service, and relays data between the two. As a result the internal service sees the proxy's address (and an ephemeral port chosen by the proxy) as the source rather than the original client, so logs and source-based access controls on the internal host no longer see the real origin unless the proxy passes it along separately.

Usually only one private host can use a specific forwarded port at a time, but the gateway can sometimes be configured to differentiate by the originating host's source address, forwarding the same external port to different internal hosts depending on who is connecting, or restricting the forward to known client networks.
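The DNAT rule described above, together with the forward-chain and hairpin rules a working Linux gateway needs, and the optional per-source restriction, as an added example (not code from the original page). The interface names eth0/eth1, the 192.168.1.0/24 LAN, the documentation addresses 203.0.113.5 and 198.51.100.0/24 and the chosen ports are assumptions; the script prints the commands by default and only executes them (as root) when `dry_run=False`.

```python
"""Generate (and optionally apply) the netfilter rules for one gateway port
forward.  Added example, not code from the original page; interface names,
addresses and ports are assumptions chosen for illustration."""
import subprocess

WAN_IF = "eth0"             # assumed public-facing interface
LAN_IF = "eth1"             # assumed private-LAN interface
LAN_NET = "192.168.1.0/24"  # assumed private subnet (hairpin source range)


def port_forward_rules(public_ip, ext_port, int_ip, int_port, proto="tcp",
                       allowed_src=None, hairpin=True):
    """Return argv lists that forward public_ip:ext_port -> int_ip:int_port.

    allowed_src: optional CIDR; when set, only that origin network may use
                 the forward (differentiating by source address).
    hairpin:     also let LAN hosts reach the service via the public address.
    """
    proto = proto.lower()
    if proto not in ("tcp", "udp"):
        raise ValueError("proto must be tcp or udp")
    for p in (ext_port, int_port):
        if not 1 <= p <= 65535:
            raise ValueError(f"bad port {p}")

    # The DNAT rule: rewrite the destination header before routing.
    dnat = ["iptables", "-t", "nat", "-A", "PREROUTING", "-i", WAN_IF,
            "-d", public_ip, "-p", proto, "--dport", str(ext_port)]
    if allowed_src:
        dnat += ["-s", allowed_src]
    dnat += ["-j", "DNAT", "--to-destination", f"{int_ip}:{int_port}"]

    rules = [
        ["sysctl", "-w", "net.ipv4.ip_forward=1"],   # kernel must route at all
        dnat,
        # Let the translated flow and its replies through FORWARD, tracked
        # by connection state.  Source address is left as the real client.
        ["iptables", "-A", "FORWARD", "-i", WAN_IF, "-o", LAN_IF, "-p", proto,
         "-d", int_ip, "--dport", str(int_port), "-m", "conntrack",
         "--ctstate", "NEW,ESTABLISHED,RELATED", "-j", "ACCEPT"],
        ["iptables", "-A", "FORWARD", "-i", LAN_IF, "-o", WAN_IF,
         "-m", "conntrack", "--ctstate", "ESTABLISHED,RELATED", "-j", "ACCEPT"],
    ]
    if hairpin:
        # LAN clients connecting to the public address: DNAT as above, but the
        # source must also be rewritten (MASQUERADE).  Otherwise the internal
        # server answers the LAN client directly, the reply bypasses the
        # translator, and the connection fails.
        rules += [
            ["iptables", "-t", "nat", "-A", "PREROUTING", "-i", LAN_IF,
             "-d", public_ip, "-p", proto, "--dport", str(ext_port),
             "-j", "DNAT", "--to-destination", f"{int_ip}:{int_port}"],
            ["iptables", "-t", "nat", "-A", "POSTROUTING", "-o", LAN_IF,
             "-s", LAN_NET, "-d", int_ip, "-p", proto, "--dport", str(int_port),
             "-j", "MASQUERADE"],
        ]
    return rules


def apply_rules(rules, dry_run=True):
    """Print the commands (default) or execute them; applying needs root."""
    for argv in rules:
        print(" ".join(argv))
        if not dry_run:
            subprocess.run(argv, check=True)


if __name__ == "__main__":
    # Expose SSH on 192.168.1.10 as port 2222 of the public address
    # 203.0.113.5, accepting only clients from 198.51.100.0/24.
    apply_rules(port_forward_rules("203.0.113.5", 2222, "192.168.1.10", 22,
                                   allowed_src="198.51.100.0/24"))
```

The rules are appended, so run them once on a clean chain (or use `-I`/`-C` in a real deployment); the hairpin pair is only needed if LAN hosts should reach the service through the public address.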

Unix-like operating systems reserve port numbers below 1024: only software running as the root user may bind them. Running a service with superuser privileges merely to bind such a port is a security risk for the host, since any flaw in the service is then a root compromise. A common mitigation is therefore to forward the privileged port to a higher-numbered one, so that the application can run as an ordinary user with reduced privileges.
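A user-space circuit proxy of the kind described above, bound to an unprivileged high port, as an added example that is not code from the original page. Everything runs on loopback with a constructed echo service standing in for the private-LAN host; the forward of the privileged port to this listener (a gateway DNAT or a local REDIRECT rule) is assumed and not shown. The demo returns the address the backend saw, which is the proxy's own outbound address rather than the client's.

```python
"""Minimal user-space TCP port forwarder (circuit proxy).  Added example,
not code from the original page.  It binds a high, unprivileged port as an
ordinary user; the redirect of a privileged port to it is assumed."""
import socket
import threading

BUFSIZE = 4096


def _pump(src, dst):
    """Copy bytes src -> dst until EOF, then half-close dst so the far side
    sees end-of-stream as well."""
    try:
        while True:
            data = src.recv(BUFSIZE)
            if not data:
                break
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


class _Listener:
    """Bind, accept in a background thread, hand each client to _handle."""

    def __init__(self, listen_addr):
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.sock.bind(listen_addr)
        self.sock.listen(16)
        self.port = self.sock.getsockname()[1]

    def start(self):
        threading.Thread(target=self._serve, daemon=True).start()
        return self.port

    def stop(self):
        try:
            self.sock.shutdown(socket.SHUT_RDWR)   # wake a blocked accept()
        except OSError:
            pass
        self.sock.close()

    def _serve(self):
        while True:
            try:
                client, peer = self.sock.accept()
            except OSError:                        # listener closed by stop()
                return
            threading.Thread(target=self._handle, args=(client, peer),
                             daemon=True).start()


class TcpForwarder(_Listener):
    """Relay every accepted client to target over a second connection.  No
    packet is rewritten: target sees this process as the connection source."""

    def __init__(self, listen_addr, target):
        super().__init__(listen_addr)
        self.target = target
        self.outbound = []                 # (ip, port) we used toward target

    def _handle(self, client, peer):
        backend = socket.create_connection(self.target)
        self.outbound.append(backend.getsockname())
        t = threading.Thread(target=_pump, args=(backend, client), daemon=True)
        t.start()
        _pump(client, backend)
        t.join()
        client.close()
        backend.close()


class EchoBackend(_Listener):
    """Constructed stand-in for the private-LAN service: records the peer it
    sees and echoes whatever it receives."""

    def __init__(self):
        super().__init__(("127.0.0.1", 0))
        self.peers = []

    def _handle(self, conn, peer):
        self.peers.append(peer)
        with conn:
            _pump(conn, conn)              # echo until the client half-closes


def demo(payload=b"hello through the proxy"):
    """Return (echoed bytes, client address, address the backend saw,
    address the forwarder used toward the backend)."""
    backend = EchoBackend()
    backend.start()
    fwd = TcpForwarder(("127.0.0.1", 0), ("127.0.0.1", backend.port))
    fwd.start()
    try:
        with socket.create_connection(("127.0.0.1", fwd.port)) as c:
            client_addr = c.getsockname()
            c.sendall(payload)
            c.shutdown(socket.SHUT_WR)     # end of request
            got = b""
            while chunk := c.recv(BUFSIZE):
                got += chunk
    finally:
        fwd.stop()
        backend.stop()
    return got, client_addr, backend.peers[0], fwd.outbound[0]
```

Because the backend only ever sees the forwarder's address, anything on the internal host that keys on the client address (logs, TCP wrappers, per-source rate limits) is blind to the real origin; that is the price of the proxy approach compared with a kernel DNAT rule.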

The Universal Plug and Play protocol (UPnP) provides a feature to automatically install port forwardings in residential Internet gateways. UPnP defines the Internet Gateway Device (IGD) protocol, a network service by which an Internet gateway advertises its presence on the private network via the Simple Service Discovery Protocol (SSDP). An application that provides an Internet-based service can discover such a gateway and use the IGD protocol to reserve a port number on it and have the gateway forward packets to the application's listening socket. IGD performs no authentication: any process on the LAN, including malware, can open a hole to any internal host the same way, which is why security-conscious administrators commonly disable UPnP on the gateway.
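The SSDP discovery and SOAP AddPortMapping messages that IGD uses, as an added example not taken from the original page. The SSDP reply is constructed, the gateway address 192.168.1.1 and the control URL are assumptions, and the step of reading the WANIPConnection control URL out of the device description XML that LOCATION points at is not shown.

```python
"""UPnP IGD port-mapping messages: SSDP discovery plus the SOAP
AddPortMapping call.  Added example, not code from the original page; the
gateway address, control URL and the SSDP reply below are constructed."""
import socket
from urllib.request import Request, urlopen
from xml.sax.saxutils import escape

SSDP_GROUP = ("239.255.255.250", 1900)
IGD_ST = "urn:schemas-upnp-org:device:InternetGatewayDevice:1"
WANIP = "urn:schemas-upnp-org:service:WANIPConnection:1"

# Constructed reply such as a gateway unicasts back after an M-SEARCH.
SAMPLE_REPLY = (b"HTTP/1.1 200 OK\r\nCACHE-CONTROL: max-age=120\r\n"
                b"LOCATION: http://192.168.1.1:1900/igd.xml\r\n"
                b"SERVER: Linux UPnP/1.0\r\nST: " + IGD_ST.encode() +
                b"\r\nUSN: uuid:00000000-0000-0000-0000-000000000000::" +
                IGD_ST.encode() + b"\r\n\r\n")


def build_msearch(st=IGD_ST, mx=2):
    """SSDP M-SEARCH datagram an application multicasts to find a gateway."""
    return (f"M-SEARCH * HTTP/1.1\r\nHOST: {SSDP_GROUP[0]}:{SSDP_GROUP[1]}\r\n"
            f'MAN: "ssdp:discover"\r\nMX: {mx}\r\nST: {st}\r\n\r\n').encode()


def parse_ssdp_reply(raw):
    """Lower-cased headers of an 'HTTP/1.1 200 OK' SSDP reply.  LOCATION is
    the device description XML that names the service control URL."""
    text = raw.decode("utf-8", "replace")
    status, _, rest = text.partition("\r\n")
    if not status.startswith("HTTP/1.1 200"):
        raise ValueError(f"unexpected SSDP status line: {status!r}")
    headers = {}
    for line in rest.split("\r\n"):
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    if "location" not in headers:
        raise ValueError("SSDP reply carries no LOCATION header")
    return headers


def discover(timeout=2.0):
    """Multicast an M-SEARCH and collect replies (does network I/O)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.settimeout(timeout)
    found = []
    try:
        s.sendto(build_msearch(), SSDP_GROUP)
        while True:
            data, _ = s.recvfrom(65535)
            found.append(parse_ssdp_reply(data))
    except (socket.timeout, ValueError):
        pass
    finally:
        s.close()
    return found


def build_add_port_mapping(ext_port, int_port, int_client, proto="TCP",
                           description="example", lease_seconds=3600):
    """SOAP body for WANIPConnection AddPortMapping.  A lease of 0 means a
    permanent mapping on many gateways, so it is refused here."""
    proto = proto.upper()
    if proto not in ("TCP", "UDP"):
        raise ValueError("proto must be TCP or UDP")
    if lease_seconds <= 0:
        raise ValueError("refusing a permanent (lease 0) mapping")
    for p in (ext_port, int_port):
        if not 1 <= p <= 65535:
            raise ValueError(f"bad port {p}")
    socket.inet_aton(int_client)           # reject garbage internal address
    return (
        '<?xml version="1.0"?>\n'
        '<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" '
        's:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">\n'
        f'<s:Body><u:AddPortMapping xmlns:u="{WANIP}">\n'
        '<NewRemoteHost></NewRemoteHost>\n'
        f'<NewExternalPort>{ext_port}</NewExternalPort>\n'
        f'<NewProtocol>{proto}</NewProtocol>\n'
        f'<NewInternalPort>{int_port}</NewInternalPort>\n'
        f'<NewInternalClient>{int_client}</NewInternalClient>\n'
        '<NewEnabled>1</NewEnabled>\n'
        f'<NewPortMappingDescription>{escape(description)}'
        '</NewPortMappingDescription>\n'
        f'<NewLeaseDuration>{lease_seconds}</NewLeaseDuration>\n'
        '</u:AddPortMapping></s:Body></s:Envelope>\n')


def soap_request(control_url, action, body):
    """HTTP POST carrying one SOAP action to the gateway's control URL."""
    return Request(control_url, data=body.encode(), method="POST", headers={
        "Content-Type": 'text/xml; charset="utf-8"',
        "SOAPAction": f'"{WANIP}#{action}"'})


def add_port_mapping(control_url, **kw):
    """Ask the gateway to forward a port.  It does so without any
    authentication, which is the protocol's main weakness (network I/O)."""
    with urlopen(soap_request(control_url, "AddPortMapping",
                              build_add_port_mapping(**kw)), timeout=5) as r:
        return r.status
```

A finite lease plus a later DeletePortMapping is the considerate way to use IGD; the same unauthenticated SOAP call is what makes it dangerous, since nothing stops another LAN process from mapping, say, port 3389 to a workstation.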

