It’s the one thing when I’m configuring things that makes me wince because I know it will give me the business, and I know it shouldn’t, but it does, every time. I have no real idea what I’m doing, what it is, how it works, so of course I’m blindly following instructions like a monkey at a typewriter.

Please guide me into enlightenment.

  • dnick@sh.itjust.works
    link
    fedilink
    arrow-up
    0
    ·
    7 months ago

    Maybe think of it like one of those big walls of post office mailboxes…behind the wall is your computer and an app might be waiting for a message at box 22 or box 45678. You could close all the boxes and nothing could get in, or you could open one or all of them and allow people to deliver messages to them.

    If you connect your computer directly to the internet, anyone who knows your IP address could say 'deliver message X to port 22 at ip address <your ip address> and the program watching that box would get the message.

    If you put a router in the mix, and multiple computers, the router has the same block of boxes, but if someone sends a message to one of the boxes it just sets there. If you set up ‘forwarding’, sending a message to your ip address gets the message to the router, but if you forward box 22 from your router to a specific computer on your network, then the router takes a message at box 22 on itself and ‘forwards’ it to box 22 on whatever computer you specific (using internal ip addresses).

    You could map box 22 on your router to any other box on your computer…like port 22 coming into your router might get sent to port 155 on your computer…this is useful if you don’t want external people just exploring and lazily breaking into your computer using known vulnerabilities. Lots of ports are ‘common’, so an ftp hack on port 22 is easy, and might be ‘slightly’ harder if you tell your computer to actually look for ftp traffic on port 3333 or something.

    • Melatonin@lemmy.dbzer0.comOP
      link
      fedilink
      arrow-up
      0
      ·
      7 months ago

      The one statement “using internal IP addresses” has clarified something to where I’m actually excited to try working on a long-standing problem.

      But how come I’ll get instructions from a program that I have to allow ip “bla.bl.b.blah:80” when that number isn’t my IP? Then I go on my router and do it and the program doesn’t work/port isn’t open? Those kind of problems kill me.

      • dnick@sh.itjust.works
        link
        fedilink
        arrow-up
        0
        ·
        3 months ago

        This is a really old message, but if you’re still having the same question i could try to answer, but that kind of message is pretty context dependant. For that specific one, it sounds like your program is trying to access something outside your network, like they have a website they need to access to check for updates or something.