源端口与目标端口 [英] Source Port vs Destination Port

问题描述

我是TCP/IP的新手，正在努力学习基础知识.好吧，我真的很想知道防火墙的入站规则和出站规则，以及源地址:端口，目标地址:端口的概念.

I am new to TCP/IP and trying hard to learn basics. Well, I really wonder about inbound rules and outbound rules of Firewall and concept of source adress:port, destination adress:port.

例如，我正在研究端口80.我知道http使用端口80.但是，当我尝试监听流量时，我发现我的浏览器未使用80.从图像中可以看到，仅使用目标端口80并且目标"应该是承载网页的服务器，而不是我的计算机.而且在源端口上也没有使用过的端口80，源"应该是我的计算机.

For example I am investigating port 80. I know that http uses port 80. But when I try to listen the traffic I see that my browser doesn't use 80. As you see from the image only destination port 80 is used and "destination" should be the server that hosts web pages not my computer. And also there is no used port 80 on source port, "source" should be my computer.

我的浏览器使用其他一些端口作为源，并转到服务器端口80.据此，我了解到我的计算机的端口80不用于http，只有托管网页的服务器计算机才使用端口80，但是如果我关闭端口80或我的计算机无法通过出站规则访问互联网，则无法正常工作.但是，正如我从图像中以前了解到的那样，计算机上未使用端口80.

My browser uses some other ports as source and goes to server port 80. From that, I understand that port 80 of my computer is not used for http, only server computers that host the web pages used port 80 but if I close port 80 or my computer from outbound rules the internet dooesn't work. But as I understood before from the image, port 80 is not used on my computer.

真的很困惑.有人可以帮我澄清一下吗?

Really confused. Can anybody clarify it for me?

推荐答案

您是正确的:通信从计算机(随机"选择源端口)到Web服务器(目标端口80).并从Web服务器(源端口80)到计算机(目标端口xxxxx)以获取服务器的响应.

You are right : the communication goes from your computer (source port chosen "randomly") to a web server (destination port 80). And from a web server (source port 80) to your computer (destination port xxxxx) for the server's responses.

如果您在出站规则中关闭端口80，则您的计算机将无法访问任何Web服务器，因为此规则意味着您的防火墙会丢弃从计算机发送到端口80上的目的地的所有数据包.

If you close port 80 in outbound rules, your computer will not be able to access any web server because this rule means that your firewall drops any packets which are send from your computer to a destination on port 80.

编辑

实际上，您发送的数据包包含以下参数:

Actually, the packets you send contains parameters such as :

your_IP, server_IP, source_port (xxxxx), destination port (80)

当防火墙看到此类数据包时，它将应用出站规则(与从计算机到Web服务器的通信有关的规则).如果您的出站规则是关闭端口80(这意味着丢弃目标端口为80的所有数据包)，则通常会看到您尝试发送到Web服务器的数据包被丢弃.

When your firewall sees that kind of packet, it applies the outbound rules (the one concerning the communication FROM your computer TO a web serer). If your outbound rule is to close port 80 (which means to drop any packets whose destination port is 80) it is normal to see the packets you try to send to a web server getting dropped.

在出站规则中关闭端口80并不意味着您关闭计算机的端口80.这意味着防火墙会丢弃目标端口为80的数据包.

closing port 80 in outbound rules doesn't mean you close your computer's port 80. It means your firewall drops packets whose destination port is 80.

这篇关于源端口与目标端口的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！