Running a Server?
Version 1.0 dated Sun 16 Apr 2006 08:09:35 PM EDT
Suppose you have set up a server, the most likely being an http server. (Notice that little feather to the left of the http when accessing NCF web pages? Check out http://apache.org/ for more information). Maybe there is a version for your operating system. Or if you are running WinDOS, you might have been running a server all along ... ;-)
The default settings for the router's firewall will keep the outside world out. You now have to drill at least one hole to allow the outside world to see your server. Suppose you want to open port 80 (both http tcp and udp protocols) and port 22 for a secure shell connection.
The following screen-shot shows the server computer's inside address (I use a static address) coupled to an "unspecified" outside address. This is like a wild-card standing for whatever the IP address is at the moment (I am not using a static NCF address). Otherwise, I'd have to change this table every time my IP address was changed.
Amplifying (optional) Information
The following is an excerpt from a CLI session corresponding to the above setup, with no activity on the LAN. The last three lines correspond to the "unspecified" addresses in the web interface above, and the first three show the current "outside" or my present IP address:
=>nat list
Indx | Prot | Inside-address:Port | Outside-address:Port | Foreign-address:Port | Flgs |
1 | 17 | 10.0.0.69:80 | 206.248.151.94:80 | 0.0.0.0:0 | instance |
3 | 6 | 10.0.0.69:22 | 206.248.151.94:22 | 0.0.0.0:0 | instance |
16 | 6 | 10.0.0.69:80 | 206.248.151.94:80 | 0.0.0.0:0 | instance |
17 | 6 | 10.0.0.69:80 | 0.0.0.0:80 | 0.0.0.0:0 | template |
18 | 6 | 10.0.0.69:22 | 0.0.0.0:22 | 0.0.0.0:0 | template |
19 | 17 | 10.0.0.69:80 | 0.0.0.0:80 | 0.0.0.0:0 | template |
=> |
If you now start any programs that access the Internet (e.g. web browsers, email, Skype etc) you will see entries for assorted "Foreign-address" listed, for all computers on the LAN.
I started Skype on the server box, and launched Thunderbird on another computer, omitting the last two colums for readability. The last one shown "Expir" counts down and the connection disappears (expires), unless the program again accesses the web:
=>:nat list
Indx | Prot | Inside-address:Port | Outside-address:Port | Foreign-address:Port | Flgs | Expir |
0 | 17 | 10.0.0.37:2096 | 206.248.151.94:15326 | 206.47.244.78:53 | 1 | 4m53 |
1 | 17 | 10.0.0.69:80 | 206.248.151.94:80 | 0.0.0.0:0 | instance |
3 | 6 | 10.0.0.69:22 | 206.248.151.94:22 | 0.0.0.0:0 | instance |
12 | 17 | 10.0.0.37:2098 | 206.248.151.94:15328 | 206.47.244.78:53 | 1 | 4m53 |
16 | 6 | 10.0.0.69:80 | 206.248.151.94:80 | 0.0.0.0:0 | instance |
19 | 6 | 10.0.0.37:2103 | 206.248.151.94:15333 | 209.226.175.83:110 | 1 | 12s |
40 | 17 | 10.0.0.37:2097 | 206.248.151.94:15327 | 206.47.244.78:53 | 1 | 4m53 |
41 | 6 | 10.0.0.69:52252 | 206.248.151.94:15321 | 207.237.198.165:443 | 1 | 14m02 |
44 | 6 | 10.0.0.37:2100 | 206.248.151.94:15330 | 209.226.175.83:110 | 1 | 11s |
45 | 17 | 10.0.0.69:57838 | 206.248.151.94:15319 | 207.237.198.165:2902 | 1 | 4m52 |
47 | 6 | 10.0.0.37:2102 | 206.248.151.94:15332 | 209.226.175.83:110 | 1 | 10s |
48 | 6 | 10.0.0.37:2101 | 206.248.151.94:15331 | 209.226.175.83:110 | 1 | 10s |
67 | 6 | 10.0.0.37:2099 | 206.248.151.94:15329 | 134.117.136.45:110 | 1 | 10s |
71 | 6 | 10.0.0.37:2104 | 206.248.151.94:15334 | 206.191.0.228:110 | 1 | 9s |
74 | 17 | 10.0.0.37:2092 | 206.248.151.94:15324 | 206.47.244.78:53 | 1 | 4m00 |
75 | 6 | 10.0.0.69:80 | 0.0.0.0:80 | 0.0.0.0:0 | template |
76 | 6 | 10.0.0.69:22 | 0.0.0.0:22 | 0.0.0.0:0 | template |
77 | 17 | 10.0.0.69:80 | 0.0.0.0:80 | 0.0.0.0:0 | template |
=> |