Apparently, I did not explain it well enough. It’s not easy to understand if one has no experience with networking. I even personally know CTOs who struggle with that topic.
The server is usually “serving” something. Which means, metaphorically speaking, it is holding a plate with cheese on it and if you want to get it, you have to go to the server and take one piece of cheese.
So the client needs to open an outgoing port to reach out and get the item by putting its hand into the incoming port of the server. So the server needs to open his “door” (incoming port) for the hand to get in, while the hand itself needs to go out through its own “door” (outgoing port).
Hi @Akito and thank you so much for explaining how ports work.
First of all I had to look up CTO. I found out it stands for “Chief Technology Officer”. One further term I’ve learnt.
The cheese/plate metaphor made it clearer. Especially the hand part.
What a good way of explaining this.
O.K., I can see now where the notion of outgoing and incoming is deduced.
Well, I’ll have to change my way of imagining ports then. But I understand.
For me it’s always been difficult to grasp the notion of ports.
I never quite understood where ports are located.
E.g. when we are talking about port 24800: is there a port 24800 on each of the computers (server and client)? Or is there a single port 24800 which both computers share?
No, it isn’t. And you should know that, looking at a lot of questions on this forum being childishly asked, at best.
Every computer has 65535 ports. There is usually one static (unchanging) incoming port on the server side. Like this 24800 one.
The computer connecting to this port usually connects with a random outgoing port.
As mentioned in an earlier post, outgoing ports tend to get much more permissive handling than incoming ports, because theoretically incoming ports can expose your computer to threats, while theoretically this is not a realistic issue with outgoing ports. Outgoing ports are just sending out information, so if your computer isn’t already infected, it won’t do harm to send out information.
Some programs show you in their logs when a client connects and with what port. Maybe that’s the case for barrier, as well.
So to keep it metaphorical, there is 1 restaurant with a single door, but people have all their own homes and get out their own door. But they all go through the same restaurant door, to get into the restaurant.
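The fixed server port and random client ports described above, as an added example that is not part of the original posts. It runs entirely on loopback; the function name `run_demo` and its parameters are hypothetical, and 24800 is simply the port number from this thread.

```python
import socket
import threading

BARRIER_PORT = 24800  # static server port mentioned in this thread


def run_demo(listen_port=BARRIER_PORT, n_clients=3):
    """Open one listener and n_clients connections to it on loopback.

    Returns (server_port, client_ports, ports_seen_by_server).
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", listen_port))  # the single fixed "restaurant door"
    srv.listen(n_clients)
    server_port = srv.getsockname()[1]

    seen = []

    def accept_all():
        # The server learns each client's source port when it accepts.
        for _ in range(n_clients):
            conn, (_ip, src_port) = srv.accept()
            seen.append(src_port)
            conn.close()

    acceptor = threading.Thread(target=accept_all, daemon=True)
    acceptor.start()

    clients, client_ports = [], []
    try:
        for _ in range(n_clients):
            # No bind() on the client: the OS picks a free outgoing port.
            c = socket.create_connection(("127.0.0.1", server_port), timeout=5)
            clients.append(c)
            client_ports.append(c.getsockname()[1])
        acceptor.join(timeout=5)
    finally:
        for c in clients:
            c.close()
        srv.close()
    return server_port, client_ports, seen


if __name__ == "__main__":
    port, outgoing, seen = run_demo()
    print("server listens on:", port)
    print("clients left through:", outgoing)
    print("server saw source ports:", seen)
```

Only the listening port has to be allowed by an inbound firewall rule on the server; the client ports differ on every run and need no rule of their own.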
i’m sure @Akito can correct me if i’m missing something (or saying it incorrectly [it has been some time since i studied A+ network basics]), but ports are just numbers attached to incoming and outgoing data like a part of the address. your home (or apartment or castle?) has a number, street, city, etc. those descriptors can be used to identify where to send information to you. in this instance the information from barrier is using tcp (if i understood that part correctly from Akito’s firewall command) which is a way to order the information and adding a port is one part of that protocol.
in that way a firewall is just looking through the incoming data for a certain number in a certain location to see if it will allow that data to travel to its proposed destination or stop right there and be blocked.
Akito’s description helped me remember that servers are like the distro repos. they hold the information which the clients come in and get (or request access to). this feels a bit at odds with the word server in common use which to me is more like someone (or something) bringing something to you (or your system).
@Akito:
Sorry for not answering sooner. I just had to help a friend with her laptop via teamviewer.
Thanks.
I see now:
That’s what I always wanted to know. So 65535 ports on the client and on the server.
So my laptop (client) may use different ports whereas my PC (server) invariably uses port 24800 for barrier.
That’s why we had to add that port within a firewall rule on the server only.
I think I understood now.
Thanks so much for taking so much time and explaining the matter. It’s much appreciated.
The metaphors helped a lot.
Thanks to your great help barrier is now running on both machines.
Yet after using it for a little time I noticed something weird:
The keyboard layout doesn’t seem to be right. I think it’s the US layout but I’m by no means really sure.
At least it’s not the German layout (as it should be).
Example: when typing “z” on my host keyboard it arrives as “y” on the client. Plus: many other keys are affected as well.
Curious though:
My server keyboard acts with the correct German layout on the server (my main PC).
And typing on the client laptop keyboard is alright on the laptop as well.
So no misconfiguration on the respective machines.
It’s on the “transmission way” from the server to the client when things are getting messed up:
The settings for “Language” on both the server and the client are “German”. So it should be alright.