aspose file tools*
The moose likes Sockets and Internet Protocols and the fly likes port block using java Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » Sockets and Internet Protocols
Bookmark "port block using java" Watch "port block using java" New topic
Author

port block using java

ritesh thakur
Greenhorn

Joined: Jul 08, 2013
Posts: 13


-3
down vote
favorite
I am using this code to block a port.

try
{

int c=0;
c=b-1;
ServerSocket ss=new ServerSocket(blockedport[c]);

while(true)
{
Thread.sleep(1200);
if(((check[c])==false)||firewallstatus==0)
{
ss.close();
}
Thread.sleep(1200);
if(((check[c])==true)&& (firewallstatus==1))
{
try
{
ss=new ServerSocket (blockedport[c]);
}
}
}
}
Problem I am facing is that when I check whether the port is blocked using another program, which is as follows:

import java.io.*;
import java.net.*;

public class checkport80 {
public static void main(String[] args) throws IOException {
try {
ServerSocket ss = new ServerSocket(80);
System.out.print("The port is not blocked");
} catch (Exception e) {
System.out.print(e);
}
}
}
It says port has been blocked. but for eg. if I block port port 80, http sites are opening, while http:// sites work on port 80.
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18662
    
    8

Hi ritesh, welcome to the Ranch!

Your post is a little unclear to me: did you mean to say that you tried to block port 80 on your computer by running that code you posted, and then you found that connecting to HTTP sites on some other computer that you could still do that?
Henry Wong
author
Sheriff

Joined: Sep 28, 2004
Posts: 18896
    
  40

ritesh thakur wrote:

I am using this code to block a port.


It says port has been blocked. but for eg. if I block port port 80, http sites are opening, while http:// sites work on port 80.



And technically, this isn't blocking a port. The application is basically binding to a local port, which disallows anyone else from using that same port. Blocking a port is selective, allowing certain clients to use the service, while blocking others from getting to the service. Since the application uses the port, the service can't use it. You can achieve the same affect by just not starting the service.

Henry


Books: Java Threads, 3rd Edition, Jini in a Nutshell, and Java Gems (contributor)
ritesh thakur
Greenhorn

Joined: Jul 08, 2013
Posts: 13

Paul Clapham wrote:Hi ritesh, welcome to the Ranch!

Your post is a little unclear to me: did you mean to say that you tried to block port 80 on your computer by running that code you posted, and then you found that connecting to HTTP sites on some other computer that you could still do that?


i meant, using this code i block a port, say 80. but when i now try to access http:// sites on the same computer where i have blocked port 80, i can access them. as http:// sites open on port 80. they shul be blocked.

is there a problem with concept or code.?
ritesh thakur
Greenhorn

Joined: Jul 08, 2013
Posts: 13

Henry Wong wrote:
ritesh thakur wrote:

I am using this code to block a port.


It says port has been blocked. but for eg. if I block port port 80, http sites are opening, while http:// sites work on port 80.



And technically, this isn't blocking a port. The application is basically binding to a local port, which disallows anyone else from using that same port. Blocking a port is selective, allowing certain clients to use the service, while blocking others from getting to the service. Since the application uses the port, the service can't use it. You can achieve the same affect by just not starting the service.

Henry


so can i achieve, blocking http:// sites using java or it is not possible.?
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18662
    
    8

I'm guessing that when you say

when i now try to access http:// sites on the same computer where i have blocked port 80


You really mean

when i now try to access http:// sites from the same computer where i have blocked port 80


Or are these http:// sites really hosted on the computer where you blocked port 80?
ritesh thakur
Greenhorn

Joined: Jul 08, 2013
Posts: 13

Paul Clapham wrote:I'm guessing that when you say

when i now try to access http:// sites on the same computer where i have blocked port 80


You really mean

when i now try to access http:// sites from the same computer where i have blocked port 80


Or are these http:// sites really hosted on the computer where you blocked port 80?


yes thats what i mean. i blocked port 80 on computer abc, now abc can open http:// sites, when they are supposed to be blocked.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42286
    
  64
That's not what this code does. As Henry explained, it blocks any process from binding to port 80 - thus no process (in particular no HTTP server, since that's what generally uses port 80) can serve anything on port 80 on that machine.

That is entirely unrelated to which ports on other machines any process (like a web browser) can access from that machine. The inbound port is not the same as the outbound port.

Coding something is not the right way to go about this. Either block outgoing HTTP connections from this machine at your network router (or switch or firewall), or use iptables (on *nix) or the firewall built into Windows to block this kind of traffic.


Ping & DNS - my free Android networking tools app
ritesh thakur
Greenhorn

Joined: Jul 08, 2013
Posts: 13

Ulf Dittmer wrote:That's not what this code does. As Henry explained, it blocks any process from binding to port 80 - thus no process (in particular no HTTP server, since that's what generally uses port 80) can serve anything on port 80 on that machine.

That is entirely unrelated to which ports on other machines any process (like a web browser) can access from that machine. The inbound port is not the same as the outbound port.

Coding something is not the right way to go about this. Either block outgoing HTTP connections from this machine at your network router (or switch or firewall), or use iptables (on *nix) or the firewall built into Windows to block this kind of traffic.


that helped. thanks ulf dittmer. but as you said:
" it blocks any process from binding to port 80 - thus no process (in particular no HTTP server, since that's what generally uses port 80) can serve anything on port 80 on that machine."
so now no HTTP server, can serve on that port. so how can these sites open.? (machine on which 80 is blocked is same machine on which http sites are still opening)
Henry Wong
author
Sheriff

Joined: Sep 28, 2004
Posts: 18896
    
  40

ritesh thakur wrote:
that helped. thanks ulf dittmer. but as you said:
" it blocks any process from binding to port 80 - thus no process (in particular no HTTP server, since that's what generally uses port 80) can serve anything on port 80 on that machine."
so now no HTTP server, can serve on that port. so how can these sites open.? (machine on which 80 is blocked is same machine on which http sites are still opening)



When a browser makes a http call on a site, it uses TCP. And with TCP, there are two ports in use -- actually, there are three.


First. it will grab an ephemeral port on your machine -- basically, it finds a free unused port on your machine to binds the socket.

Second, the connection is then established to the rendezvous port. This is port 80 on the other machine -- the machine that is running the web server on the other side of the connection. This is not your machine !! It is port 80 on the other machine. Anyway, this connection is short lived -- it is established long enough for the web server to accept the connection, and provide another free port to connect to. It can't stay connected to port 80 for very long, as other browsers will be also using the site.


Anyway, if you want to block the http connection to this other site, then you need to call up the other site (say coderanch), tell them to shutdown their web server; optionally, you can also tell them to run your program (but that is probably redundant). And if they did that, you won't be able to access coderanch.

You can also modify your program to "block" all the ephemeral ports, and if you did that, then all the sites on port 80 (actually, all possible connections to any other machine) will be blocked. Is that what you want?

Henry
ritesh thakur
Greenhorn

Joined: Jul 08, 2013
Posts: 13

thanks a lot henry. you made the concept very clear to me. thanks a lot again. if i could, i wud hit votes for you a 1000 times. thanks henry again.
Henry Wong
author
Sheriff

Joined: Sep 28, 2004
Posts: 18896
    
  40

ritesh thakur wrote:
so can i achieve, blocking http:// sites using java or it is not possible.?


Blocking of websites (actually, any connection), is generally done at the network. You need to configure your routers, switches, or firewalls to not allow the connection through. Blocking at the endpoints is generally not done -- or at least, I don't know of any operating system that allows it.

Henry
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: port block using java