Controlling accepted source port

Hi there,

How can I control which port the kernel uses as a source port for source
port?

for example you would have something like a web server which listens on
port 80, accepts an incomming connection an uses only port 5050 for the
source port for the accepted connection.

i.e.

192.168.0.1ort 80 listens <--- incomming connection from 192.168.0.200

192.168.0.1ort 5050 serves page ---> to 192.168.0.200

If you can direct me to any books to read it would be greatly appreciated.

Thanks.

In article <(E-Mail Removed)>, Rick Lim wrote:
> Hi there,
>
> How can I control which port the kernel uses as a source port for source
> port?
>
> for example you would have something like a web server which listens on
> port 80, accepts an incomming connection an uses only port 5050 for the
> source port for the accepted connection.
>
> i.e.
>
> 192.168.0.1ort 80 listens <--- incomming connection from 192.168.0.200
>
> 192.168.0.1ort 5050 serves page ---> to 192.168.0.200
>
> If you can direct me to any books to read it would be greatly appreciated.
>
You might be able to get a webserver to do this, however it would be simpler
to just use iptables. An example command would simply be:

iptables -I INPUT --dport 80 --sport ! 5050 -j REJECT

The above command will let any host talk to the local machines port 80 if
their source port is 5050, regardless of their source ip address.

I recommend you read up on the networking documentation at http://tldp.org/

Regards

Alex

I don't want to use iptables or a nat box, I want a box that will just
sit on a network and listen for requests on one port, but reply with the
data on a specified port.

Alexander Clouter wrote:
> In article <(E-Mail Removed)>, Rick Lim wrote:
>
>>Hi there,
>>
>>How can I control which port the kernel uses as a source port for source
>>port?
>>
>>for example you would have something like a web server which listens on
>>port 80, accepts an incomming connection an uses only port 5050 for the
>>source port for the accepted connection.
>>
>>i.e.
>>
>>192.168.0.1ort 80 listens <--- incomming connection from 192.168.0.200
>>
>>192.168.0.1ort 5050 serves page ---> to 192.168.0.200
>>
>>If you can direct me to any books to read it would be greatly appreciated.
>>
>
> You might be able to get a webserver to do this, however it would be simpler
> to just use iptables. An example command would simply be:
>
> iptables -I INPUT --dport 80 --sport ! 5050 -j REJECT
>
> The above command will let any host talk to the local machines port 80 if
> their source port is 5050, regardless of their source ip address.
>
> I recommend you read up on the networking documentation at http://tldp.org/
>
> Regards
>
> Alex

In article <(E-Mail Removed)>, Rick Lim wrote:
> I don't want to use iptables or a nat box, I want a box that will just
> sit on a network and listen for requests on one port, but reply with the
> data on a specified port.
>
grrrrr you must not also send e-mails, repeat to your self twenty times!

Well depending on the server, you cannot do it with out just simply
redirecting the client to the different port and run your server there. I am
curious what you are trying to do with this as I see very little point in
what you are trying to accomplish.

It would help lots if you could describe why you were doing this?

The problem is you would have to write the client program to then expect the
data to come back on port 5050, which would involve a brand new startup of
TCP etc etc etc.

The only thing I know that does this is active mode FTP....

Regards

Alex