Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

port block using java

 
ritesh thakur
Greenhorn
Posts: 13
Android C++ Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

-3
down vote
favorite
I am using this code to block a port.

try
{

int c=0;
c=b-1;
ServerSocket ss=new ServerSocket(blockedport[c]);

while(true)
{
Thread.sleep(1200);
if(((check[c])==false)||firewallstatus==0)
{
ss.close();
}
Thread.sleep(1200);
if(((check[c])==true)&& (firewallstatus==1))
{
try
{
ss=new ServerSocket (blockedport[c]);
}
}
}
}
Problem I am facing is that when I check whether the port is blocked using another program, which is as follows:

import java.io.*;
import java.net.*;

public class checkport80 {
public static void main(String[] args) throws IOException {
try {
ServerSocket ss = new ServerSocket(80);
System.out.print("The port is not blocked");
} catch (Exception e) {
System.out.print(e);
}
}
}
It says port has been blocked. but for eg. if I block port port 80, http sites are opening, while http:// sites work on port 80.
 
Paul Clapham
Sheriff
Pie
Posts: 20966
31
Eclipse IDE Firefox Browser MySQL Database
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi ritesh, welcome to the Ranch!

Your post is a little unclear to me: did you mean to say that you tried to block port 80 on your computer by running that code you posted, and then you found that connecting to HTTP sites on some other computer that you could still do that?
 
Henry Wong
author
Marshal
Pie
Posts: 21000
76
C++ Chrome Eclipse IDE Firefox Browser Java jQuery Linux VI Editor Windows
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
ritesh thakur wrote:

I am using this code to block a port.


It says port has been blocked. but for eg. if I block port port 80, http sites are opening, while http:// sites work on port 80.



And technically, this isn't blocking a port. The application is basically binding to a local port, which disallows anyone else from using that same port. Blocking a port is selective, allowing certain clients to use the service, while blocking others from getting to the service. Since the application uses the port, the service can't use it. You can achieve the same affect by just not starting the service.

Henry
 
ritesh thakur
Greenhorn
Posts: 13
Android C++ Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Paul Clapham wrote:Hi ritesh, welcome to the Ranch!

Your post is a little unclear to me: did you mean to say that you tried to block port 80 on your computer by running that code you posted, and then you found that connecting to HTTP sites on some other computer that you could still do that?


i meant, using this code i block a port, say 80. but when i now try to access http:// sites on the same computer where i have blocked port 80, i can access them. as http:// sites open on port 80. they shul be blocked.

is there a problem with concept or code.?
 
ritesh thakur
Greenhorn
Posts: 13
Android C++ Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Henry Wong wrote:
ritesh thakur wrote:

I am using this code to block a port.


It says port has been blocked. but for eg. if I block port port 80, http sites are opening, while http:// sites work on port 80.



And technically, this isn't blocking a port. The application is basically binding to a local port, which disallows anyone else from using that same port. Blocking a port is selective, allowing certain clients to use the service, while blocking others from getting to the service. Since the application uses the port, the service can't use it. You can achieve the same affect by just not starting the service.

Henry


so can i achieve, blocking http:// sites using java or it is not possible.?
 
Paul Clapham
Sheriff
Pie
Posts: 20966
31
Eclipse IDE Firefox Browser MySQL Database
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm guessing that when you say

when i now try to access http:// sites on the same computer where i have blocked port 80


You really mean

when i now try to access http:// sites from the same computer where i have blocked port 80


Or are these http:// sites really hosted on the computer where you blocked port 80?
 
ritesh thakur
Greenhorn
Posts: 13
Android C++ Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Paul Clapham wrote:I'm guessing that when you say

when i now try to access http:// sites on the same computer where i have blocked port 80


You really mean

when i now try to access http:// sites from the same computer where i have blocked port 80


Or are these http:// sites really hosted on the computer where you blocked port 80?


yes thats what i mean. i blocked port 80 on computer abc, now abc can open http:// sites, when they are supposed to be blocked.
 
Ulf Dittmer
Rancher
Posts: 42967
73
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That's not what this code does. As Henry explained, it blocks any process from binding to port 80 - thus no process (in particular no HTTP server, since that's what generally uses port 80) can serve anything on port 80 on that machine.

That is entirely unrelated to which ports on other machines any process (like a web browser) can access from that machine. The inbound port is not the same as the outbound port.

Coding something is not the right way to go about this. Either block outgoing HTTP connections from this machine at your network router (or switch or firewall), or use iptables (on *nix) or the firewall built into Windows to block this kind of traffic.
 
ritesh thakur
Greenhorn
Posts: 13
Android C++ Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ulf Dittmer wrote:That's not what this code does. As Henry explained, it blocks any process from binding to port 80 - thus no process (in particular no HTTP server, since that's what generally uses port 80) can serve anything on port 80 on that machine.

That is entirely unrelated to which ports on other machines any process (like a web browser) can access from that machine. The inbound port is not the same as the outbound port.

Coding something is not the right way to go about this. Either block outgoing HTTP connections from this machine at your network router (or switch or firewall), or use iptables (on *nix) or the firewall built into Windows to block this kind of traffic.


that helped. thanks ulf dittmer. but as you said:
" it blocks any process from binding to port 80 - thus no process (in particular no HTTP server, since that's what generally uses port 80) can serve anything on port 80 on that machine."
so now no HTTP server, can serve on that port. so how can these sites open.? (machine on which 80 is blocked is same machine on which http sites are still opening)
 
Henry Wong
author
Marshal
Pie
Posts: 21000
76
C++ Chrome Eclipse IDE Firefox Browser Java jQuery Linux VI Editor Windows
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
ritesh thakur wrote:
that helped. thanks ulf dittmer. but as you said:
" it blocks any process from binding to port 80 - thus no process (in particular no HTTP server, since that's what generally uses port 80) can serve anything on port 80 on that machine."
so now no HTTP server, can serve on that port. so how can these sites open.? (machine on which 80 is blocked is same machine on which http sites are still opening)



When a browser makes a http call on a site, it uses TCP. And with TCP, there are two ports in use -- actually, there are three.


First. it will grab an ephemeral port on your machine -- basically, it finds a free unused port on your machine to binds the socket.

Second, the connection is then established to the rendezvous port. This is port 80 on the other machine -- the machine that is running the web server on the other side of the connection. This is not your machine !! It is port 80 on the other machine. Anyway, this connection is short lived -- it is established long enough for the web server to accept the connection, and provide another free port to connect to. It can't stay connected to port 80 for very long, as other browsers will be also using the site.


Anyway, if you want to block the http connection to this other site, then you need to call up the other site (say coderanch), tell them to shutdown their web server; optionally, you can also tell them to run your program (but that is probably redundant). And if they did that, you won't be able to access coderanch.

You can also modify your program to "block" all the ephemeral ports, and if you did that, then all the sites on port 80 (actually, all possible connections to any other machine) will be blocked. Is that what you want?

Henry
 
ritesh thakur
Greenhorn
Posts: 13
Android C++ Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
thanks a lot henry. you made the concept very clear to me. thanks a lot again. if i could, i wud hit votes for you a 1000 times. thanks henry again.
 
Henry Wong
author
Marshal
Pie
Posts: 21000
76
C++ Chrome Eclipse IDE Firefox Browser Java jQuery Linux VI Editor Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
ritesh thakur wrote:
so can i achieve, blocking http:// sites using java or it is not possible.?


Blocking of websites (actually, any connection), is generally done at the network. You need to configure your routers, switches, or firewalls to not allow the connection through. Blocking at the endpoints is generally not done -- or at least, I don't know of any operating system that allows it.

Henry
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic