What is the port? We have explained it in the previous article. Please see《 Easily understand what a network port is 》Port forwarding and port mapping are both derived technologies to solve the problem that the ports of intranet hosts cannot be accessed directly from the outside. They are transferred through the intermediate server, mapping the internal ports to the public IP or forwarding the internal ports to the external server for users or their own use. What is the difference between them?
Port forwarding
As the name implies, the port is forwarded. The specific port to which the port is forwarded depends on the application scenario. For example, if we get the permission of an internal and external server A, we can scan another server B with the same internal network and open port 80. How can we use the browser to access it? Let's draw a picture as follows:
As can be seen from the figure above, we have established a channel with A. We can upload any file on A and execute any system command. How can we access port 80 of B? Suppose A is on the public network and has a public IP address. We can access any of its ports.
1. Directly execute the curl command on A to access port 80 of B (this method is not convenient for us to test the vulnerability of port 80 of B, and is not convenient for us to take advantage of it)
2. Start a socks 5 proxy on A, and we use the browser to set the proxy, proxy our browser to the target intranet, and then access port 80 of B.
3. Perform port forwarding on A, forward port 80 of B to port 8080 of A, and then we can directly access port 8080 of A with a browser. This principle is port forwarding
To sum up, port forwarding is to forward a port, which can be the port of the local machine or the port of any host that can be accessed by the local machine, to an IP that can be accessed by any host. Usually, this IP is a public IP, which is convenient for us to use.
Port Mapping
As the name implies, it is a mapping port, that is, mapping an intranet port to a port on the public network. Let's take an example. My computer is in the intranet and does not have a public IP address, but I want to provide a port for others to use. What should I do? Let's look at a picture:
A and B have their own intranet IP addresses in different intranets, but they cannot access each other directly. In this case, an intermediate server is needed. Both A and B should be able to access and then act as a transit server to achieve the above goal. This intermediate server needs to have a public IP address, as shown in the figure:
C in the figure above is an intermediate server with a public IP address. We can map port 80 of A to port 80 of C, and then B can access port 80 of C, which is equivalent to accessing port 80 of A. The core principle here is actually port forwarding, which is just forwarding the local port to a remote port.
summary
The core principles of port forwarding and port mapping are the same, but the usage scenarios are different. We can forward the local port to a remote port, which can be called port mapping or port forwarding; If we forward the port of any IP that can be accessed by the local machine to the port of another server, we call it port forwarding. It's a bit confusing to say. In fact, how to understand and what to call is ultimately to be used in the actual scene. It's OK to solve your problem, and don't have to worry about what to call it.
