Online Armor Web Help - Using Online Armor - Firewall

Packets, Ports, and Protocols

Packets – Any time that data is sent over a network, it is broken down into small chunks, called packets. Each packet has a header with some basic information about what kind of data the packet contains. Programs read this header to know what the packet is and what to do with it. Then it can collect the packets, reassemble them, and then use them. For example a header may say “This is part of a picture that is X number of bytes.” Your web browser then knows that it’s downloading a picture, waits for all the packets, reassembles the picture, and then shows it to you.
Ports – Programs connect using different ports. Ports are something like slots that programs can use to create or accept connections on that computer. There are 65,535 ports available on a computer with ports up to 1024 being the most commonly used. Any application can technically use any port for any type of traffic, however only one program can use any one port on a system, and there are many agreed-upon standards. For example your web browser usually uses port 80 to download webpages, and your email program usually uses port 110 to download email. So web browsers are programmed to use port 80 unless you specify otherwise. Servers are computer programs and one computer may run more than one kind of server, so they need to use different ports to make sure that signals don’t get crossed.
Protocols – Protocols can be thought of as the “language” that a program speaks across the network. Different programs may need to transmit data differently than other types of traffic, and so they use different protocols. The three main protocols used over the internet are:
- TCP – Makes sure that both sides are ready and waiting, and checks to make sure that each packet was downloaded correctly. If a packet gets corrupted during the transfer then it will ask for it again. This extra checking takes some time but is more reliable at transferring data.
- UDP – Is much faster, but without the same kind of verification. Instead it just sends all the data as fast as it can, trusting the software at the other end to take care of the rest.
- ICMP – ICMP stands for Internet Control Message Protocol, and is used for sending small control messages between computers and reporting errors. Computers use ICMP to do things like sending one small packet to another computer to make sure that the other system is available and can be reached.

If you need to create a firewall rule, then the chances are that you have already obtained the information about what port(s) and protocol(s) are needed, however if you do not know then there are a few ways to find out:

Program Documentation – When a program requires you to create a firewall rule to operate, then the information on what port(s) and protocol(s) it uses are usually documented.
Firewall Status Screen – You can use Online Armor’s Firewall Status Screen to see what connections are being allowed and blocked in real-time.
Firewall Log – You can use Online Armor’s Firewall Log to review the history of the connections that have been Allowed and Blocked by the firewall, but only if logging is enabled in Options.