Perhaps a more definitive answer: what you are asking for is not possible because that would require binding to the listen port also for the outgoing connections, but that is not legal (it results in a BindException saying “Address already in use”). This is why the source port of TCP connections is in almost protocols random and not fixed (in fact I know of no counterexample).
You will have to do it like everybody else and only filter on the destination port, not the source port. Regards, Roland > 11 maj 2016 kl. 10:34 skrev enovo.s...@gmail.com: > > Hi, > Still waiting to hear, could anybody please give me some hint > > Regards > > > On Tuesday, May 10, 2016 at 6:29:03 PM UTC+5, enovo...@gmail.com wrote: > Hi, > I have two remote actor systems deployed on two different cloud platforms, > one deployed on Google (port 80) and the other one on AWS (port 2552). I am > managing AWS machine only, Google machine is being managed by client. > I am instantiating connection from AWS actor to Google actor, sending a > message and receiving results back. I want to block all unnecessary ports, so > i added two rules to firewall > 1. Allowed outbound connection to port 80 (to connect to remote actor) > 2. Allowed incoming connection to port 2552 (to receive data back from remote > actor) > > Blocked all other ports, as soon as i block other ports, application stops > connecting with remote actor. I have verified that actor system is listening > at port 2552 ( [akka.tcp://Client@amd-machine:2552] ). > > It turns out that connection is using some dynamic ports for AWS deployed > actor, here are the logs of traffic captured using tcpdump command: > > 16:05:46.811270 IP 10.0.2.15.56756 > 102.150.24.190.80: Flags [S], seq > 1968780725, win 29200, options [mss 1460,sackOK,TS val 6205965 ecr > 0,nop,wscale 7], length 0 > 16:05:46.849800 IP 102.150.24.190.80 > 10.0.2.15.56756: Flags [S.], seq > 2602112001, ack 1968780726, win 65535, options [mss 1460], length 0 > 16:05:46.849841 IP 10.0.2.15.56756 > 102.150.24.190.80: Flags [.], ack 1, win > 29200, length 0 > 16:05:46.850027 IP 10.0.2.15.56756 > 102.150.24.190.80: Flags [F.], seq 1, > ack 1, win 29200, length 0 > 16:05:46.850164 IP 102.150.24.190.80 > 10.0.2.15.56756: Flags [.], ack 2, win > 65535, length 0 > > where > 102.150.24.190.80 is Google actor address > 10.0.2.15.56756 is AWS actor address > as can be seen from above logs, that actor system is picking some dynamic > port for remote communication. > > Could anybody please help me understand why dynamic port is being used when > actor system is listening at port 2552, and how can i make sure dynamic port > is not used? > > Regards > Abud > > > > > > > -- > >>>>>>>>>> Read the docs: http://akka.io/docs/ <http://akka.io/docs/> > >>>>>>>>>> Check the FAQ: > >>>>>>>>>> http://doc.akka.io/docs/akka/current/additional/faq.html > >>>>>>>>>> <http://doc.akka.io/docs/akka/current/additional/faq.html> > >>>>>>>>>> Search the archives: https://groups.google.com/group/akka-user > >>>>>>>>>> <https://groups.google.com/group/akka-user> > --- > You received this message because you are subscribed to the Google Groups > "Akka User List" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to akka-user+unsubscr...@googlegroups.com > <mailto:akka-user+unsubscr...@googlegroups.com>. > To post to this group, send email to akka-user@googlegroups.com > <mailto:akka-user@googlegroups.com>. > Visit this group at https://groups.google.com/group/akka-user > <https://groups.google.com/group/akka-user>. > For more options, visit https://groups.google.com/d/optout > <https://groups.google.com/d/optout>. -- >>>>>>>>>> Read the docs: http://akka.io/docs/ >>>>>>>>>> Check the FAQ: >>>>>>>>>> http://doc.akka.io/docs/akka/current/additional/faq.html >>>>>>>>>> Search the archives: https://groups.google.com/group/akka-user --- You received this message because you are subscribed to the Google Groups "Akka User List" group. To unsubscribe from this group and stop receiving emails from it, send an email to akka-user+unsubscr...@googlegroups.com. To post to this group, send email to akka-user@googlegroups.com. Visit this group at https://groups.google.com/group/akka-user. For more options, visit https://groups.google.com/d/optout.
