Hi. On Wed, Jul 17, 2019 at 08:55:39PM -0700, pe...@easthope.ca wrote: > * From: "D. R. Evans" �doc.ev...@gmail.com� > * Date: Wed, 17 Jul 2019 17:01:22 -0600 > > That doesn't seem to be correct. The original e-mail said: > >> Jul 16 11:25:16 joule stunnel: LOG5[4]: Service [https] accepted > >> connection from 127.0.0.1:36140 > > > > So 36140 is the source port. > > I wondered about that also but my understanding is sketchy. > Perhaps Reco didn't mean what he typed. =8~|
Nope. Meant exactly what I wrote. You have a program that connects to 127.0.0.1:443. That's *destination* IP and a *destination* port. To connect the program (a kernel, actually) chooses a network interface to send packets from (usually according to the local IP routing rules), and therefore a *source* IP. In this case, 127.0.0.1. It also needs a source port to send the packets from, and it's chosen randomly from a range determined by net.ipv4.ip_local_port_range kernel knob. In this case, source port is 36140. A TCP connection was always a set of four values: source IP, source port, destination IP, destination port. Also, "ss -npt" and "netstat -npt". Reco
