most of the tcp app have the same behavior
But FTP is little bit different !
On Thu, Apr 2, 2009 at 10:34 PM, naveen M S <navin.ms_at_gmail.com> wrote:
> Thanks a bunch. Found the same explanation in this link
> *http://www.firewall.cx/tcp-analysis-section-1.php*
>
>
>
>
> On Thu, Apr 2, 2009 at 12:16 PM, Divin Mathew John
<divinjohn_at_gmail.com>wrote:
>
>> yes i think saleah is rt
>> Thanking You
>>
>> Yours Sincerely
>>
>> Divin Mathew John
>> divinjohn_at_gmail.com
>> divin_at_dide3d.com
>> +91 9945430983
>> +91 9846697191
>> +974 5008916
>> PGP PUBLIC KEY BLOCK @ http://www.dide3d.com/divin_Public_PGP_key.txt
>> Sent from Bangalore, KA, India
>>
>> On Fri, Apr 3, 2009 at 12:23 AM, Salah ElShekeil <
>> salah.elshekeil_at_gmail.com> wrote:
>>
>>> Traffic distend to a web server
>>>
>>> Source port = random
>>>
>>> Distention port = 80
>>>
>>> Traffic coming from a web server
>>>
>>> Source port = 80
>>>
>>> Destination port = random
>>>
>>> �It will reply to the same client source port�
>>>
>>>
>>>
>>> HTH
>>>
>>>
>>>
>>> Salah
>>>
>>>
>>> On Thu, Apr 2, 2009 at 9:38 PM, naveen M S <navin.ms_at_gmail.com> wrote:
>>>
>>>> Thanks Divin. This is my understanding.
>>>>
>>>> WebClient---------------------------------WebServer
>>>>
>>>> 1) For Traffic flowing from Client to Server:
>>>> Src TCP port = Any
>>>> Dest TCP port = 80
>>>>
>>>> 2) For traffic flowing from Server to Client:
>>>> Src TCP port = 80
>>>> Dest TCP port = 80
>>>>
>>>> Is this correct ?
>>>>
>>>>
>>>> On Thu, Apr 2, 2009 at 11:19 AM, Divin Mathew John <divinjohn_at_gmail.com
>>>> >wrote:
>>>>
>>>> > I think destination Port would be more APT.! becoz to connect to a
>>>> normal
>>>> > HTTP webserver u wud use port 80 to connect to web server and not
>>>> > necessarily POrt 80 on your comp.!
>>>> > Thanking You
>>>> >
>>>> > Yours Sincerely
>>>> >
>>>> > Divin Mathew John
>>>> > divinjohn_at_gmail.com
>>>> > divin_at_dide3d.com
>>>> > +91 9945430983
>>>> > +91 9846697191
>>>> > +974 5008916
>>>> > PGP PUBLIC KEY BLOCK @ http://www.dide3d.com/divin_Public_PGP_key.txt
>>>> > Sent from Bangalore, KA, India
>>>> >
>>>> > On Thu, Apr 2, 2009 at 11:44 PM, naveen M S <navin.ms_at_gmail.com>
>>>> wrote:
>>>> >
>>>> >> Group,
>>>> >>
>>>> >> I have trouble translating these statements to ACLs.
>>>> >>
>>>> >> 1) All HTTP traffic coming from Vlan 34.
>>>> >> 2) All HTTP traffic coming from R1 on Vlan 34.
>>>> >> 3) All HTTP traffic coming from Web Server on Vlan 34.
>>>> >> 4) All HTTP traffic going out to Vlan 34.
>>>> >> 5) All HTTP traffic going out to Web Server on Vlan 34.
>>>> >>
>>>> >> *Question is:*
>>>> >> Should I match both Source and Destination TCP port to 80 (or) just
>>>> one of
>>>> >> them ?
>>>> >> Assume Vlan 34 = 10.1.34.0/24, R1 = 10.1.34.1/24, WebServer =
>>>> >> 10.1.34.100/24
>>>> >>
>>>> >> My solutions is for the above are:
>>>> >>
>>>> >> a) Match source tcp port = 80 for incoming HTTP traffic
>>>> >> b) Match destination tcp port = 80 for outgoing HTTP traffic.
>>>> >>
>>>> >> 1) ip access-list extended V34_in
>>>> >> permit tcp 10.1.34.0 0.0.0.255 eq www any
>>>> >>
>>>> >> 2) ip access-list extended V34_R1_in
>>>> >> permit tcp 10.1.34.1 0.0.0.0 eq www any
>>>> >>
>>>> >> 3) ip access-list extended V34_WS_in
>>>> >> permit tcp 10.1.30.100 0.0.0.0 eq www any
>>>> >>
>>>> >> 4) ip access-list extended V34_out
>>>> >> permit tcp any 10.1.30.0 0.0.0.255 eq www
>>>> >>
>>>> >> 5) ip access-list extended V34_WS_out
>>>> >> permit tcp any 10.1.30.100 0.0.0.0 eq www
>>>> >>
>>>> >> Can someone please highlight the Source & Destination TCP ports for
>>>> HTTP
>>>> >> traffic in both directions ?
>>>> >>
>>>> >> Thanks very much,
>>>> >> Naveen.
>>>> >>
>>>> >>
>>>> >> Blogs and organic groups at http://www.ccie.net
>>>> >>
>>>> >>
>>>> _______________________________________________________________________
>>>> >> Subscription information may be found at:
>>>> >> http://www.groupstudy.com/list/CCIELab.html
>>>>
>>>>
>>>> Blogs and organic groups at http://www.ccie.net
>>>>
>>>> _______________________________________________________________________
>>>> Subscription information may be found at:
>>>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Thu Apr 02 2009 - 22:37:23 ART