home | list info | list archive | date index | thread index

[OCLUG-Tech] Re TCP Ports -- and the little guy listening

Hi;

I need some help understanding how network or TCP ports work.

I am particularly confused by the concept that something is "listening"
on certain ports.  I hope there isn't a little guy in my computer with
big ears, because he is probably dead by now.  I haven't been feeding
him.

Here is what I think I understand from various manuals.

If someone wants to send me an email, their 'sendmail' calls on various
functions?? from a library?? that adds an IP and a TCP header that
contains my machines (and rogers.com) address and other info to a
datagram(s) .  In particular, on the TCP segment header bits 17 to 32
contain the receivers (my) port number for smtp mail i.e. 25 - the
standard smtp port number. The senders email is sent out; bounces around
the internet for a bit and ends up at rogers.com (my IP provider).

Next, after I check rogers.com using my emailer, Evolution, and see that
there is an email for me, I use Evolution (which uses fetchmail) to
download my mail (or at least its headers - I have a pop account).

Now here is where it gets confusing.

The message arrives through my cable modem as a series of 1 or 0
electrical pulses. (Or, for a cable modem, does it still arrive as
analogue sound pulses that are translated by the modem into electric
(voltage) pulses?)

The instant the message arrives it has to be stored somewhere
temporarily and a signal or interrupt has to be sent to the CPU to tell
the CPU to process a message.  Where is it stored?  Who or what sends
the signal or interrupt? Does it use a stack or what?.  I am assuming
all of the above happens before the message can even be allocated to a
port number.

The CPU has to then call a library function that processes the TCP
segment header looking for the port number. -- ???  When it finds the
port number -- 25 in our example -- it has to check against a table? of
some kind for the memory address for port 25. -- ???  Is the memory
address dynamic or static; i.e. is a permanent memory address set aside
when the port is originally opened or is it set as needed?  In either
case would not the CPU have to call a special routine to set port
numbers to memory addresses and save that somewhere?

Another routine, as I understand it, would have to move the message from
its temporary location to the port memory address. -- ??.  Before or
after it goes into memory the TCP/IP segment headers have to somehow be
removed. --??  Also, somehow another routine has to send another signal
or interrupt to tell the CPU to call the MTA ?? to begin processing the
mail.

As you can see from all the question marks, none of the manuals that I
can find are clear on what exactly is happening, but just use the
anthropomorphic metaphor of "listening".

I have been busy for the last week working my way through security
issues on Fedora Core 4.  Up to this point I have been able to develop a
satisfactory working knowledge of inodes, ACL, su, sudo and PAM.  My
next personal project (or sub-project) is coming to understand iptables
and SElinux.  I don't think that can properly been done without first
understanding TCP ports.

Any and all advice gratefully received.

Regards Bill