Re: HTTP shimmed to HTTPS.

To: debian-user@lists.debian.org
Subject: Re: HTTP shimmed to HTTPS.
From: Reco <recoverym4n@enotuniq.net>
Date: Thu, 18 Jul 2019 09:24:25 +0300
Message-id: <[🔎] E1hnzq4-0001PX-Vb@enotuniq.net>
In-reply-to: <[🔎] E1hnxW7-0003Bc-JL@dalton.invalid>
References: <[🔎] E1hnesX-0006uG-K6@enotuniq.net> <[🔎] E1hnxW7-0003Bc-JL@dalton.invalid>

	Hi.

On Wed, Jul 17, 2019 at 08:55:39PM -0700, peter@easthope.ca wrote:
> *	From: "D. R. Evans" �doc.evans@gmail.com�
> *	Date: Wed, 17 Jul 2019 17:01:22 -0600
> > That doesn't seem to be correct. The original e-mail said:
> >> Jul 16 11:25:16 joule stunnel: LOG5[4]: Service [https] accepted connection from 127.0.0.1:36140
> >
> > So 36140 is the source port.
> 
> I wondered about that also but my understanding is sketchy.
> Perhaps Reco didn't mean what he typed.  =8~|

Nope. Meant exactly what I wrote.
You have a program that connects to 127.0.0.1:443. That's *destination*
IP and a *destination* port.
To connect the program (a kernel, actually) chooses a network interface
to send packets from (usually according to the local IP routing rules),
and therefore a *source* IP.  In this case, 127.0.0.1. It also needs a
source port to send the packets from, and it's chosen randomly from a
range determined by net.ipv4.ip_local_port_range kernel knob. In this
case, source port is 36140.
A TCP connection was always a set of four values: source IP, source
port, destination IP, destination port.

Also, "ss -npt" and "netstat -npt".

Reco

Reply to:

References:
- Re: stunnel as transparent proxy.
  - From: Reco <recoverym4n@enotuniq.net>
- Re: HTTP shimmed to HTTPS.
  - From: peter@easthope.ca

Prev by Date: Re: USB wireless dongle not detected
Next by Date: Re: Psychedelic GUI after stable update to buster
Previous by thread: Re: HTTP shimmed to HTTPS.
Next by thread: Followlink keyboard map browsing
Index(es):
- Date
- Thread