Haddii aad akhrinayso maqaalkan, hambalyo! Waxaad si guul leh ula falgashaa server kale oo internetka ah adiga oo isticmaalaya dekedaha 80 iyo 443, dekedaha shabakadeed ee furan ee taraafikada webka. Haddii dekedahani ay ku xidhnaan lahaayeen server-kayaga,ma awoodid inaad akhrido maqaalkan. Dekadaha xiran waxay ka ilaalinayaan shabakadaada (iyo server-keena) tuugada.

Dekadahayada shabakadu way furnaan karaan, laakiin dekedaha router-kagugu waa inaanay noqon, maxaa yeelay tani waxay god u furaysaa tuugta xaasidnimada leh. Si kastaba ha ahaatee, waxaa laga yaabaa inaad u baahato inaad u ogolaato gelitaanka aaladahaaga internetka adoo isticmaalaya gudbinta dekeda waqti ka waqti. Si lagaaga caawiyo inaad wax badan ka ogaato gudbinta dekeda, waa kuwan waxa aad u baahan doonto inaad ogaato.

Waa maxay Gudbinta Dekeddu?^{(What Is Port Forwarding?)}

Soo gudbinta dekeddu^(Port) waa habraac ku socda router-yada maxaliga ah ee ka gudbiya isku dayga isku xirka aaladaha khadka una gudbiya aaladaha gaarka ah ee shabakada deegaanka. Tani waxay mahad iska leedahay xeerarka gudbinta dekedaha ee routerkaaga ee u dhigma isku dayga xidhiidhka ee lagu sameeyay dekeda saxda ah iyo ciwaanka IP-ga ee aaladda shabakadaada.

Shabakadda maxalligu waxay yeelan kartaa hal ciwaanka IP-ga guud, laakiin aalad kasta oo shabakadaada gudaha ah waxay leedahay IP-ga gudaha ah. Soo gudbinta dekeddu^(Port) waxay ku xidhaysaa codsiyadan ka baxsan A (IP-ga dadweynaha iyo dekedda dibadda) ilaa B (dekedda la codsado iyo ciwaanka IP-ga maxalliga ah ee aaladda shabakadaada). 

Si loo sharaxo sababta ay tani faa'iido u leedahay, aynu ka fikirno in shabakada gurigaagu ay u yar tahay qalcaddii dhexe. Inta aad derbiyada ka baxsan ka eegi karto, kuwa kalena ma soo eegi karaan ama ma jebin karaan difaacyadaada—waad ka badbaadday weerar. 

Thanks to isku-dhafka dab-damiska shabakadaha, shabakadaadu waxay ku taal boos isku mid ah. Waxaad geli kartaa adeegyada kale ee onlaynka ah, sida mareegaha ama server-yada ciyaarta, laakiin isticmaalayaasha kale ee internetka ma heli karaan aaladahaaga beddelka. Buundada barbaradka ah ayaa kor loo qaadayaa, maadaama firewall-kaagu uu si firfircoon u xannibayo isku day kasta oo ka imanaya xidhiidhada dibadda ah si loo jebiyo shabakadaada.

Waxaa jira xaalado qaarkood oo heerkan ilaalinta aan la rabin, si kastaba ha ahaatee. Haddii aad rabto inaad ku socodsiiso server-ka shabakadda gurigaaga ( addoo isticmaalaya Raspberry Pi^{(using a Raspberry Pi)} , tusaale ahaan), isku xirka dibadda ayaa lagama maarmaan ah. 

Tani waa halka soo gudbinta dekeddu ay ka timaado, maadaama aad u gudbin karto codsiyadan ka baxsan qalabyo gaar ah adoon wax u dhimayn amnigaaga.

Tusaale ahaan, aan ka soo qaadno inaad ku shaqaynayso server maxalli ah qalab leh ciwaanka IP-ga gudaha 192.168.1.12 , halka ciwaanka IP-gaagu yahay 80.80.100.110 . Codsiyada ka baxsan dekedda 80 ( 80.90.100.110:80 ) waa la ogolaan doonaa, mahad sharciyada gudbinta dekedda, iyada oo taraafikada loo gudbiyo dekedda 80^{(port 80)} on 192.168.1.12 .

Si aad tan u samayso, waxaad u baahan doontaa inaad habayso shabakadaada si aad u ogolaato gudbinta dekeda, ka dibna ku samee xeerarka gudbinta dekeda ee ku haboon router kaaga. Waxa kale oo laga yaabaa inaad u baahato inaad habayso dab-damisyada kale ee shabakadaada, oo ay ku jiraan Windows firewall , si loo oggolaado socodka.

Waa maxay sababta ay tahay inaad uga fogaato UPnP (dirista tooska ah ee dekeda)^{(Why You Should Avoid UPnP (Automatic Port Forwarding))}

Dejinta gudbinta dekeda shabakada deegaankaaga kuma adka isticmaalayaasha horumarsan, laakiin waxay u abuuri kartaa dhammaan noocyada dhibaatooyinka kuwa cusub. Si looga caawiyo in arrintan laga gudbo, soo-saareyaasha aaladaha shabakadu waxay abuureen nidaam toos ah oo gudbinta dekedda ah oo loo yaqaan UPnP (ama Universal Plug and Play ).

Fikradda ka dambeysa UPnP waxay ahayd (oo waa) in loo oggolaado abka internetka ku saleysan iyo aaladaha inay abuuraan shuruuc u gudbinta dekedda routerkaaga si toos ah si loogu oggolaado taraafikada dibadda. Tusaale ahaan, UPnP waxa laga yaabaa inay si toos ah u furto dekedo oo ay u gudbiso taraafikada aaladaha ku shaqeeya server-ka ciyaarta iyada oo aan loo baahnayn in gacanta lagu habeeyo gelitaanka goobaha routerkaaga.

Fikradda ayaa ah mid cajiib ah, laakiin nasiib darro, dilku waa cillad-haddii aysan ahayn mid aad khatar u ah. UPnP waa riyada malware-ka, maadaama ay si toos ah u malaynayso in abka ama adeegyada ku shaqeeya shabakadaada ay badbaado yihiin. Bogga internetka ee hacks-ka UPnP wuxuu^{(UPnP hacks website)} muujinayaa tirada amni-darrada, xitaa maanta, si sahal ah loogu daro router-yada shabakadda.

Marka dhinaca amniga laga eego, waxa fiican in laga qaldamo dhinaca taxadarka. Halkii aad halis gelin lahayd amniga shabakadaada, iska ilaali isticmaalka UPnP si toos ah u gudbinta dekeda (iyo, haddii ay suurtagal tahay, gabi ahaanba gab). Taa baddalkeeda, waa inaad kaliya abuurtaa xeerarka gudbinta dekedda gacanta ee abka iyo adeegyada aad ku kalsoon tahay oo aan lahayn baylahda la yaqaan.

Sida Loo Sameeyo Gudbinta Dekadda Shabakaddaada^{(How to Set Up Port Forwarding on Your Network)}

Haddii aad ka fogaanayso UPnP oo aad rabto inaad gacanta ku dejiso gudbinta dekedda, inta badan waxaad sidaas ka samayn kartaa bogga maamulka shabakada ee routerkaaga. Haddii aadan hubin sida tan loo galo, waxaad inta badan ka heli kartaa macluumaadka xagga hoose ee routerkaaga ama waxaad ku dari kartaa buug-gacmeedka dukumeentiyada routerkaaga.

Waxaad ku xidhi kartaa bogga maamulka router kaaga adigoo isticmaalaya cinwaanka albaabka caadiga ah ee routerkaaga. Kani caadi ahaan waa 192.168.0.1 ama kala duwanaansho la mid ah—ciwaanka ku qor biraawsarkaaga ciwaanka Waxaad sidoo kale u baahan doontaa inaad ku xaqiijiso addoo isticmaalaya magaca isticmaalaha iyo erayga sirta ah ee lagugu keenay routerkaaga (tusaale admin ).

Habaynta Ciwaanka IP Static Isticmaalka Booska DHCP^{(Configuring Static IP Addresses Using DHCP Reservation)}

Inta badan shabakadaha maxalliga ahi waxay isticmaalaan qoondaynta IP firfircoon si ay ugu meeleeyaan cinwaannada IP-ga ku-meel-gaarka ah aaladaha isku xira. Muddo cayiman ka dib, ciwaanka IP-ga waa la cusboonaysiinayaa. Ciwaanadan IP-ga ee ku meel gaadhka ah waxa laga yaabaa in dib loo warshadeeyo oo meelo kale lagu isticmaalo, waxa kale oo laga yaabaa in qalabkaagu lahaado ciwaanka IP-ga maxaliga ah ee ka duwan.

Si kastaba ha ahaatee, gudbinta dekeddu waxay u baahan tahay in ciwaanka IP-ga ee loo isticmaalo qalab kasta oo maxalli ah uu ahaado sidii hore. Waxaad gacanta ku meelayn kartaa ciwaanka IP-ga ee taagan , laakiin inta badan router-yaasha shabakadu waxay kuu oggolaanayaan inaad ku meelayso qoondaynta ciwaanka IP-ga taagan ee aaladaha qaarkood bogga habaynta routerkaaga adoo isticmaalaya boos celinta DHCP .

Nasiib darro, soo saaraha router kastaa wuu ka duwan yahay, tillaabooyinka lagu muujiyey shaashadda hoose (oo lagu sameeyay TP-Link router) waxaa laga yaabaa inaysan ku habboonayn routerkaaga. Haddi ay arintu sidaas tahay, waxa laga yaabaa inaad u baahato inaad ka eegto dokumentiyada routerkaaga si aad u hesho taageero dheeraad ah.

Si aad u bilawdo, gal bogga maamulka shabakada router kaaga addoo isticmaalaya biraawsarkaaga shabakada oo xaqiiji addoo isticmaalaya magaca isticmaalaha iyo erayga sirta ah ee maamulaha routerka. Markaad gasho, gal router kaaga aagga dejinta DHCP .

Waxaa laga yaabaa inaad awoodo inaad iskaan u qaaddo aaladaha maxalliga ah ee horeyba ugu xirnaa (si aad si otomaatig ah u buuxiso xeerka qoondaynta ee loo baahan yahay) ama waxaad u baahan kartaa inaad bixiso cinwaanka MAC gaarka ah^{(specific MAC address)} ee aaladda aad rabto inaad ku meelayso IP-ga taagan. Samee qaanuunka adoo isticmaalaya ciwaanka MAC saxda ah iyo ciwaanka IP-ga ee aad rabto inaad isticmaasho, dabadeed kaydi gelida

Abuuritaanka Xeerka Gudbinta Dekedda Cusub^{(Creating a New Port Forwarding Rule)}

Haddii aaladdaadu leedahay IP-ka taagan (gacanta loo dejiyay ama lagu hayo goobaha qoondaynta DHCP kaaga ), waxaad u dhaqaaqi kartaa inaad abuurto xeerka gudbinta dekeda. Shuruudaha tani way kala duwanaan karaan. Tusaale ahaan, qaar ka mid ah router -yada TP-Link^(TP-Link) waxay tixraacaan sifadan sida Server-yada Virtual^{(Virtual Servers)} , halka Cisco router ay tixraacayaan magaca caadiga ah ( Port Forwarding ).

Liiska saxda ah ee ku yaal bogga maamulka shabakadda ee routerkaaga, samee xeer cusub oo gudbinta dekedaha. Sharcigu wuxuu u baahan doonaa dekedda dibadda^(external) ah (ama xadka dekedda) in aad rabto in aad isticmaasho dibadda in ay ku xidhmaan. Dekeddani waxa ay ku xidhan tahay ciwaanka IP-ga guud (tusaale, dekedda 80 ee dadweynaha IP 80.80.30.10 ).

Waxaad sidoo kale u baahan doontaa inaad go'aamiso dekedda gudaha^(internal) ee aad rabto inaad u soo gudbiso taraafikada dekedda dibadda . ^(external)Tani waxay noqon kartaa isku deked ama deked kale (si loo qariyo ujeedada gaadiidka). Waxaad sidoo kale u baahan doontaa inaad bixiso cinwaanka IP-ga ee qalabkaaga deegaanka^(local) (tusaale 192.168.0.10 ) iyo borotokoolka dekedda ee la isticmaalo (tusaale TCP ama UDP ).

Iyadoo ku xiran routerkaaga, waxaa laga yaabaa inaad awood u yeelatid inaad doorato nooca adeegga si aad si toos ah u buuxiso xogta sharciga loo baahan yahay (tusaale HTTP ee dekedda 80 ama HTTPS ee dekedda 443). Marka aad habayso qaanuunka, kaydi si aad u isticmaasho isbeddelka.

Talaabooyinka Dheeraadka ah^{(Additional Steps)}

Isku-xidhkaagu waa inuu si toos ah ugu dabaqo isbeddelka xeerarkaaga dab-damiska. Isku day kasta oo dibadda ah oo lagu sameeyo dekedda la furay waa in loo gudbiyaa aaladda gudaha iyadoo la adeegsanayo qaanuunka aad abuurtay, inkasta oo laga yaabo inaad u baahato inaad abuurto xeerar dheeraad ah adeegyada isticmaala dhowr dekedood ama kala duwanaanshaha dekedda.

Haddii ay dhibaato kaa haysato, waxaa laga yaabaa inaad sidoo kale u baahato inaad tixgeliso inaad ku darto shuruuc dab-damis oo dheeri ah PC-gaaga ama galka software-ka Mac (oo ay ku jiraan Windows Firewall ) si loogu oggolaado socodka. Windows Firewall caadiyan ma ogola isku xidhka dibadda, tusaale ahaan, marka waxa laga yaabaa inaad u baahato inaad tan ku habayso menu Settings Windows .^{(Windows Settings)}

Haddii Windows Firewall uu dhibaato kugu keeno, waad joojin kartaa si ku meel gaar ah^{(disable it temporarily)} si aad u baarto. Khatarta amniga awgeed^(Due) , si kastaba ha ahaatee, waxaan kugula talineynaa inaad dib u daboosho Windows Firewall^{(Windows Firewall)} ka dib markaad cilad bixiso arrinta maadaama ay siineyso ilaalin dheeri ah oo ka dhan ah isku dayga jabsiga ee suurtagalka ah^{(possible hacking attempts)} .

Sugidda Shabakadda Gurigaaga^{(Securing Your Home Network)}

Waxaad baratay sida loo dejiyo gudbinta dekedda, laakiin ha iloobin khataraha. Deked kasta oo aad furto waxay ku darsataa dalool kale oo dhaafa dab-darka router-kaaga kaas oo aaladaha iskaanka dekeddu^{(port scanning tools)} ay heli karaan oo ay ku xad-gudbi karaan. Haddii aad u baahan tahay inaad u furto dekedo abka ama adeegyada qaarkood, iska hubi inaad ku xaddido dekedo gaar ah, halkii aad ka ahaan lahayd tiro badan oo deked ah oo la jebin karo.

Haddii aad ka welwelsan tahay shabakadaada guriga, waxaad kor u qaadi kartaa ammaanka shabakadaada adiga oo ku daraya dab-bareer dhinac saddexaad ah^{(adding a third-party firewall)} . Tani waxay noqon kartaa firewall software ah oo lagu rakibay PC-gaaga ama Mac ama 24/7 hardware firewall sida Firewalla Gold , oo ku xiran router kaaga si uu u ilaaliyo dhammaan qalabkaaga hal mar.

What Is Port Forwarding and How to Set It Up On Your Router

If you’re reading this article, congratυlatіons! You’re successfully intеracting with another server on the internet using ports 80 and 443, the standard open network ports for web traffic. If these ports were closеd on oυr server, yоu wouldn’t be able to read this article. Closed ports keep your network (and our server) safe from hackers.

Our web ports might be open, but your home router’s ports shouldn’t be, as this opens a hole for malicious hackers. However, you may need to allow access to your devices over the internet using port forwarding from time to time. To help you learn more about port forwarding, here’s what you’ll need to know.

What Is Port Forwarding?

Port forwarding is a process on local network routers that forwards connection attempts from online devices to specific devices on a local network. This is thanks to the port forwarding rules on your network router that match the connection attempts made to the correct port and IP address of a device on your network.

A local network may have a single public IP address, but each device on your internal network has its own internal IP. Port forwarding links these outside requests from A (the public IP and external port) to B (the requested port and local IP address of the device on your network). 

To explain why this might be useful, let’s imagine that your home network is a little like a medieval fortress. While you can look out beyond the walls, others can’t look in or breach your defenses—you’re secure from attack. 

Thanks to integrated network firewalls, your network is in the same position. You can access other online services, such as websites or game servers, but other internet users can’t access your devices in return. The drawbridge is raised, as your firewall actively blocks any attempts from outside connections to breach your network.

There are some situations where this level of protection is undesirable, however. If you want to run a server on your home network (using a Raspberry Pi, for instance), outside connections are necessary. 

This is where port forwarding comes in, as you can forward these outside requests to specific devices without compromising your security.

For example, let’s assume you’re running a local web server on a device with the internal IP address 192.168.1.12, while your public IP address is 80.80.100.110. Outside requests to port 80 (80.90.100.110:80) would be allowed, thanks to port forwarding rules, with the traffic forwarded to port 80 on 192.168.1.12.

To do this, you’ll need to configure your network to allow port forwarding, then create the appropriate port forwarding rules in your network router. You may also need to configure other firewalls on your network, including the Windows firewall, to allow the traffic.

Why You Should Avoid UPnP (Automatic Port Forwarding)

Setting up port forwarding on your local network isn’t difficult for advanced users, but it can create all types of difficulties for novices. To help overcome this issue, network device manufacturers created an automated system for port forwarding called UPnP (or Universal Plug and Play).

The idea behind UPnP was (and is) to allow internet-based apps and devices to create port forwarding rules on your router automatically to allow outside traffic. For instance, UPnP may automatically open ports and forward traffic for a device running a game server without the need to manually configure access in your router settings.

The concept is brilliant, but sadly, the execution is flawed—if not extremely dangerous. UPnP is a malware’s dream, as it automatically assumes that any apps or services running on your network are safe. The UPnP hacks website reveals the number of insecurities that, even today, are readily included with network routers.

From a security point of view, it’s best to err on the side of caution. Rather than risk your network security, avoid using UPnP for automatic port forwarding (and, where possible, disable it entirely). Instead, you should only create manual port forwarding rules for apps and services that you trust and that have no known vulnerabilities.

How to Set Up Port Forwarding on Your Network

If you’re avoiding UPnP and want to set up port forwarding manually, you can usually do so from your router’s web administration page. If you’re unsure how to access this, you can usually find the information on the bottom of your router or included within your router’s documentation manual.

You can connect to your router’s admin page using the default gateway address for your router. This is typically 192.168.0.1 or a similar variation—type this address into your web browser’s address bar. You’ll also need to authenticate using the username and password supplied with your router (e.g. admin).

Configuring Static IP Addresses Using DHCP Reservation

Most local networks use dynamic IP allocation to assign temporary IP addresses to devices that connect. After a certain time, the IP address is renewed. These temporary IP addresses may be recycled and used elsewhere, and your device may have a different local IP address assigned to it.

However, port forwarding requires that the IP address used for any local devices remain the same. You can assign a static IP address manually, but most network routers allow you to assign a static IP address allocation to certain devices in your router’s settings page using DHCP reservation.

Unfortunately, each router manufacturer is different, and the steps shown in screenshots below (made using a TP-Link router) may not match your router. If that’s the case, you may need to look through your router’s documentation for more support.

To begin, access your network router’s web administration page using your web browser and authenticate using the router’s administrator username and password. Once you’ve signed in, access your router’s DHCP settings area.

You may be able to scan for local devices already connected (to autofill the required allocation rule) or you may need to provide the specific MAC address for the device you wish to assign a static IP to. Create the rule using the correct MAC address and the IP address you wish to use, then save the entry.

Creating a New Port Forwarding Rule

If your device has a static IP (set manually or reserved in your DHCP allocation settings), you can move to create the port forwarding rule. The terms for this can vary. For instance, some TP-Link routers refer to this feature as Virtual Servers, while Cisco routers refer to it by the standard name (Port Forwarding).

In the correct menu on your router’s web administration page, create a new port forwarding rule. The rule will require the external port (or port range) that you wish outside users to connect to. This port is linked to your public IP address (e.g. port 80 for public IP 80.80.30.10).

You’ll also need to determine the internal port that you wish to forward the traffic from the external port to. This could be the same port or an alternative port (to hide the traffic’s purpose). You’ll also need to provide the static IP address for your local device (e.g. 192.168.0.10) and the port protocol in use (e.g. TCP or UDP).

Depending on your router, you may be able to select a service type to automatically fill the required rule data (e.g. HTTP for port 80 or HTTPS for port 443). Once you’ve configured the rule, save it to apply the change.

Additional Steps

Your network router should automatically apply the change to your firewall rules. Any outside connection attempts made to the opened port should be forwarded to the internal device using the rule you created, although you may need to create extra rules for services that use several ports or port ranges.

If you’re having trouble, you may also need to consider adding extra firewall rules to your PC or Mac’s software firewall (including Windows Firewall) to allow the traffic through. Windows Firewall won’t usually allow outside connections, for instance, so you may need to configure this in the Windows Settings menu.

If Windows Firewall is causing you difficulty, you can disable it temporarily to investigate. Due to the security risks, however, we’d recommend that you re-enable Windows Firewall after you troubleshoot the issue as it provides added protection against possible hacking attempts.

Securing Your Home Network

You’ve learned how to set up port forwarding, but don’t forget the risks. Each port you open adds another hole past your router’s firewall that port scanning tools can find and abuse. If you need to open ports for certain apps or services, make sure you limit them to individual ports, rather than huge port ranges that could be breached.

If you’re worried about your home network, you can boost your network security by adding a third-party firewall. This could be a software firewall installed on your PC or Mac or a 24/7 hardware firewall like the Firewalla Gold, attached to your network router to protect all of your devices at once.

Related posts

• Sida loo damiyo baahinta SSID Router-kaaga

• Ku samee Router-ka Wireless-ka Labaad ee Shabakadda Gurigaaga

• Soo hel furaha sirta ah ee router

• Sida loo dib u dajiyo routerkaaga wireless-ka

• Talooyin Wireless-Routerkaaga Wireless-ka ma sii wadaa inuu gooyo ama sii daayo xidhiidhka?

• Sida loo Geliyo Emoji gudaha Word, Google Docs iyo Outlook

• Sida loo raadiyo oo loo helo qof la tirtiray Tweets

• Waa maxay macnaha BCC iyo CC? Fahamka Emailka aasaasiga ah ee Lingo

• Sida Spotify Looga Dhigo Cod Dheeraad Iyo Cod Wanaagsan

• Waa maxay Qiimaynta Uber Rakaabka iyo sida loo hubiyo

• Sida loo Helo Server-yada Discord-ka ugu Wanaagsan

• Sida loo hubiyo Khaladaadka Hard-kaaga

• Sida Loo Sameeyo Printer Kasta Wireless Wireless 6 Siyaabo Oo Kala Duwan

• Sida Looga Qaado Sawir-qaadista Steam

• Ma bedeli kartaa Magacaaga Twitch? Haa, Laakin ka digtoonow

• Waa maxay Discord Streamer Mode iyo sida loo dejiyo

• Sida loo soo dejiyo oo loogu rakibo Peacock on Firestick

• Sida loo aamusiyo qof khilaaf ku jira

• Sida Facebook Xusuus Loogu Helo

• Sida loo hagaajiyo Hulu Error Code RUNUNK13