Novell Home

Detecting Port Usage

Novell Cool Solutions: Tip
By Jim Michael

Digg This - Slashdot This

Posted: 30 Jun 2005
 

A reader asked:

"I have BorderManager 3.8 on NetWare 6.5 running as proxy. I've had no problems with access to https sites with a standard 443 stateful filter so far.

Our accounts have started to use an online posting of data to a web site. Access via a web browser (https) is OK. However, when the accounts run the posting program, the connection to the site fails. If the BM filters are unloaded (ipflt), the posting works OK. The web site department has not been very forthcoming with information to help me find out the port usage for this posting service.

Can anybody help? What is the best way to find out which port is being used?"

And here's the response from Jim:


Just fire up Ethereal on your PC and then attempt to access the site. You should easily be able to see what port the SSL is attempting to go over.

Alternatively, you could do the following at the BorderManager :

set filter debug = on
set tcp discard filter debug=1

Then try to access the site. With the filters up, you should see the blocked packets.

Once you determine the port, a single stateful exception like this should be sufficient:

source interface: public
dest. interface: public
packet type: 
source address: BM primary public IP
dest. address: any

The new packet type would look like this:

protocol: tcp
source port: 1024-65535
dest. port: whatever port you determine its using
stateful: enabled


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell