Improve company productivity with a Business Account.Sign Up

x
?
Solved

force only port 80 for CHttpConnection?

Posted on 2007-11-29
3
Medium Priority
?
270 Views
Last Modified: 2013-11-19
I have a program written in C++ (MFC) that makes http connections for various tasks - registration, downloading updates, etc.  Alot of my customers are in school districts with very strict firewalls, so what I need to do is restrict the program to only use port 80, which is allowed through the firewalls.

I pass port 80 when opening the connection:

pHttpconnection = session->GetHttpConnection((LPCTSTR)m_sURL,(INTERNET_PORT)80);

but when I check the open ports during operation, they are all over the board.  Using the program "Open Ports Scanner" I get port 1110 as the remote port, and local ports ranging anywhere from around 2200 to 3200.

Is there any way to force only using port 80?  If not, can someone offer a solution to the firewall issues that I am encountering?
0
Comment
Question by:aesdtt
  • 2
3 Comments
 
LVL 40

Expert Comment

by:evilrix
ID: 20380956
1. When you make a connection to port 80 that connection can come from any (free) local port above the unrestricted port range (1025-65535). This being the case, the open port on the server offering HTTP will be port 80 but the open ports on the local client (connecting to the server) can be any port over 1024.

2. Assuming your HTTP server is only offering HTTP on port 80 then this is the only ports the client will successfully connect to. So, how do you know the other open ports are related to this?

3. If you erect a firewall to block all out-going traffic (from client to server) to any port other than port 80 does it stop working?

4. have you tried telneting to port 1110 on the remote server to ensure it is HTTP and not some other service running that you didn't realize?

-Rx.
0
 

Author Comment

by:aesdtt
ID: 20586241
evilrx, sorry for the delay, this has had to take a backseat to more pressing issues over the past few weeks...

OK, I went back and realized that the connection with the remote port of 1110 was to IP address 127.0.0.1, so nevermind about that.  It does seem that all the connections being made by my program have a remote port of 80 (and like you said, the local port jumps around).

What I am wondering now is, should most firewalls only care about the remote port, or do they block by local port as well?  If the customer firewalls are restricting the program from opening random local ports, then I guess my only option would be to have them add a program exception to the firewall - but is this how most firewalls operate?
0
 
LVL 40

Accepted Solution

by:
evilrix earned 1200 total points
ID: 20586494
Most generic firewalls (ie. proper firewalls rather than personal ones) will allow outgoing traffic from any port; although more complex rules can be defined as necessary. It is incoming traffic that is normally blocked unless it is in response to an originating out-bound. There are various ways the firewall can filter in-bound to ensure it is in response to an outbound, such as checking for SYN/ACK flags. I am not a firewall/tcpip expert so I'm not going to try and explain the detail of how it works. Reading up on how TCP works on Wikipedia should provide you with some insight.

http://en.wikipedia.org/wiki/Transmission_Control_Protocol

You might also want to look at these links: -

http://www.interhack.net/pubs/fwfaq/
http://www.howstuffworks.com/firewall.htm

In short, you shouldn't have any problems as long as a normal web browser (e.g. IE) works your code will to.

-Rx.
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

No other job is as rewarding and demanding as building an iPhone app is. It is not really in the hands of the developer for the success of an iPhone app. Many factors operate jointly for every iOS application's success in the market.
Now many of you may wonder how you can reach great design with least number of essentials. Isn’t stuffing ‘more and more number of elements that speak for the purpose’ the right way to do it? Erm, not always, and in this write-up, you will see why.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to count occurrences of each item in an array.

589 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question