Solved

force only port 80 for CHttpConnection?

Posted on 2007-11-29
3
250 Views
Last Modified: 2013-11-19
I have a program written in C++ (MFC) that makes http connections for various tasks - registration, downloading updates, etc.  Alot of my customers are in school districts with very strict firewalls, so what I need to do is restrict the program to only use port 80, which is allowed through the firewalls.

I pass port 80 when opening the connection:

pHttpconnection = session->GetHttpConnection((LPCTSTR)m_sURL,(INTERNET_PORT)80);

but when I check the open ports during operation, they are all over the board.  Using the program "Open Ports Scanner" I get port 1110 as the remote port, and local ports ranging anywhere from around 2200 to 3200.

Is there any way to force only using port 80?  If not, can someone offer a solution to the firewall issues that I am encountering?
0
Comment
Question by:aesdtt
  • 2
3 Comments
 
LVL 40

Expert Comment

by:evilrix
ID: 20380956
1. When you make a connection to port 80 that connection can come from any (free) local port above the unrestricted port range (1025-65535). This being the case, the open port on the server offering HTTP will be port 80 but the open ports on the local client (connecting to the server) can be any port over 1024.

2. Assuming your HTTP server is only offering HTTP on port 80 then this is the only ports the client will successfully connect to. So, how do you know the other open ports are related to this?

3. If you erect a firewall to block all out-going traffic (from client to server) to any port other than port 80 does it stop working?

4. have you tried telneting to port 1110 on the remote server to ensure it is HTTP and not some other service running that you didn't realize?

-Rx.
0
 

Author Comment

by:aesdtt
ID: 20586241
evilrx, sorry for the delay, this has had to take a backseat to more pressing issues over the past few weeks...

OK, I went back and realized that the connection with the remote port of 1110 was to IP address 127.0.0.1, so nevermind about that.  It does seem that all the connections being made by my program have a remote port of 80 (and like you said, the local port jumps around).

What I am wondering now is, should most firewalls only care about the remote port, or do they block by local port as well?  If the customer firewalls are restricting the program from opening random local ports, then I guess my only option would be to have them add a program exception to the firewall - but is this how most firewalls operate?
0
 
LVL 40

Accepted Solution

by:
evilrix earned 300 total points
ID: 20586494
Most generic firewalls (ie. proper firewalls rather than personal ones) will allow outgoing traffic from any port; although more complex rules can be defined as necessary. It is incoming traffic that is normally blocked unless it is in response to an originating out-bound. There are various ways the firewall can filter in-bound to ensure it is in response to an outbound, such as checking for SYN/ACK flags. I am not a firewall/tcpip expert so I'm not going to try and explain the detail of how it works. Reading up on how TCP works on Wikipedia should provide you with some insight.

http://en.wikipedia.org/wiki/Transmission_Control_Protocol

You might also want to look at these links: -

http://www.interhack.net/pubs/fwfaq/
http://www.howstuffworks.com/firewall.htm

In short, you shouldn't have any problems as long as a normal web browser (e.g. IE) works your code will to.

-Rx.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Basic understanding on "OO- Object Orientation" is needed for designing a logical solution to solve a problem. Basic OOAD is a prerequisite for a coder to ensure that they follow the basic design of OO. This would help developers to understand the b…
Developer portfolios can be a bit of an enigma—how do you present yourself to employers without burying them in lines of code?  A modern portfolio is more than just work samples, it’s also a statement of how you work.
The goal of the video will be to teach the user the concept of local variables and scope. An example of a locally defined variable will be given as well as an explanation of what scope is in C++. The local variable and concept of scope will be relat…
The viewer will be introduced to the technique of using vectors in C++. The video will cover how to define a vector, store values in the vector and retrieve data from the values stored in the vector.

937 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now