help clarify source and destination port(s)

Hi all,

Thanks in advance to anyone who can help clarify this, since the Comodo Help does not thoroughly do so. I used to use a rule-based firewall for which the addresses and ports listed in the rules were marked as “local” and “remote,” making it easy for me to understand that “local” meant ports on my computer and “remote” meant ports of another computer for any connection, whether incoming or outgoing. Comodo uses the terminology “source” and “destination;” this would seem to mean that ports on my computer would be “source” ports for outgoing connections and “destination” ports for incoming connections (vice-versa for ports on computers at the other end of the connection). Do I have this right?

If so, and I wanted to allow application.exe to allow incoming TCP connections for local (my computer) port 52330 for any remote computer, the rule would be:

Application: application.exe
Action: Allow
Protocol: TCP
Direction: Incoming
Description: application.exe incoming TCP rule
Source Address: Any (any outside computer may contact application.exe through this rule)
Destination Address: Any (my computer but it must be “Any” since I have a dynamically allocated IP)
Source Port: Any (I don’t care which port the remote computer uses)
Destination Port: 52330 (I only want it to allow connections to application.exe on this port on my computer)

If I have it wrong and “source” means “local” (my computer) no matter the direction (and “destination” means the remote computer no matter the direction), the rule would be:

Application: application.exe
Action: Allow
Protocol: TCP
Direction: Incoming
Description: application.exe incoming TCP rule
Source Address: Any (my computer but it must be “Any” since I have a dynamically allocated IP)
Destination Address: Any (any remote computer may contact application.exe through this rule)
Source Port: 52330 (I only want it to allow connections to application.exe on this port on my computer)
Destination Port: Any (I don’t care which port the remote computer uses)

Please advise. Again, thanks for the help!

G’day,

You’ve hit the nail on the head, Joe.

The terms source and destination (in a Comodo context) are relative to the direction of the data flow. For inbound comms, destination is YOU and source is the OTHER. For outbound it’s the reverse.

It may not be as simple as LOCAL and REMOTE, but it is, IMHO, more accurate and it does make you think about your rules a bit more which can help you make tighter rules and develop a better understanding of what’s going on.

Hope this helps,
Ewen :)
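
The direction-relative reading confirmed above, as an added example that is not part of any post in this thread: a simplified port-only matcher (not Comodo's rule engine) that translates a local/remote rule into source/destination terms and checks both candidate rules from the question against two constructed inbound connections. The names `Packet`, `Rule`, `from_local_remote` and `verdicts`, and the sample ports 49152 and 8080, are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

ANY = None  # wildcard, standing in for the "Any" fields in the rules above

@dataclass(frozen=True)
class Packet:                 # one connection attempt, ports only
    direction: str            # "in" or "out", relative to the protected machine
    src_port: int
    dst_port: int

@dataclass(frozen=True)
class Rule:                   # expressed in source/destination terms
    direction: str
    src_port: Optional[int]
    dst_port: Optional[int]

    def matches(self, p: Packet) -> bool:
        return (self.direction == p.direction
                and self.src_port in (ANY, p.src_port)
                and self.dst_port in (ANY, p.dst_port))

def from_local_remote(direction: str, local_port: Optional[int],
                      remote_port: Optional[int]) -> Rule:
    """Translate a local/remote rule into direction-relative terms."""
    if direction == "in":     # inbound: the remote side is the source
        return Rule("in", src_port=remote_port, dst_port=local_port)
    if direction == "out":    # outbound: the local side is the source
        return Rule("out", src_port=local_port, dst_port=remote_port)
    raise ValueError("direction must be 'in' or 'out'")

# First rule in the question: local port 52330, any remote port, incoming.
first_reading = from_local_remote("in", local_port=52330, remote_port=ANY)
# Second rule in the question, written as if "source" always meant local.
second_reading = Rule("in", src_port=52330, dst_port=ANY)

# Constructed sample traffic (not captured data).
SAMPLES = [
    Packet("in", src_port=49152, dst_port=52330),  # the connection Joe wants
    Packet("in", src_port=52330, dst_port=8080),   # remote port is 52330 instead
]

def verdicts(rule: Rule) -> list:
    """Return, per sample packet, whether the rule would match it."""
    return [rule.matches(p) for p in SAMPLES]

if __name__ == "__main__":
    print("first reading :", verdicts(first_reading))
    print("second reading:", verdicts(second_reading))
```

Under the second reading the rule keys on the remote machine's port, so it misses the intended connection and matches one addressed to a different local port.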

Thanks very much, Ewen – it’s all clear now!
