this post was submitted on 09 Apr 2024
228 points (95.2% liked)
Asklemmy
43945 readers
590 users here now
A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- !lemmy411@lemmy.ca: a community for finding communities
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Maybe think of it like one of those big walls of post office mailboxes......behind the wall is your computer and an app might be waiting for a message at box 22 or box 45678. You could close all the boxes and nothing could get in, or you could open one or all of them and allow people to deliver messages to them.
If you connect your computer directly to the internet, anyone who knows your IP address could say 'deliver message X to port 22 at ip address and the program watching that box would get the message.
If you put a router in the mix, and multiple computers, the router has the same block of boxes, but if someone sends a message to one of the boxes it just sets there. If you set up 'forwarding', sending a message to your ip address gets the message to the router, but if you forward box 22 from your router to a specific computer on your network, then the router takes a message at box 22 on itself and 'forwards' it to box 22 on whatever computer you specific (using internal ip addresses).
You could map box 22 on your router to any other box on your computer....like port 22 coming into your router might get sent to port 155 on your computer...this is useful if you don't want external people just exploring and lazily breaking into your computer using known vulnerabilities. Lots of ports are 'common', so an ftp hack on port 22 is easy, and might be 'slightly' harder if you tell your computer to actually look for ftp traffic on port 3333 or something.
The one statement "using internal IP addresses" has clarified something to where I'm actually excited to try working on a long-standing problem.
But how come I'll get instructions from a program that I have to allow ip "bla.bl.b.blah:80" when that number isn't my IP? Then I go on my router and do it and the program doesn't work/port isn't open? Those kind of problems kill me.
This is a really old message, but if you're still having the same question i could try to answer, but that kind of message is pretty context dependant. For that specific one, it sounds like your program is trying to access something outside your network,, like they have a website they need to access to check for updates or something.
I'm trying to remember the context. I think it was when I was putting in the -arrs, but that doesn't seem right. If I remember the exact circumstance I'll pm you, thanks for responding.