Menu
▾
▴
Re: [Firebird-devel] Firebird versus Firewalls once and for all
|
From: Jim S. <ja...@ne...> - 2004-07-21 15:26:38
|
Chris Waters wrote: >The problem is that the auxiliary connection created for the events doesn't >work causing lockup of both the client and server. Without a firewall the >way the communication protocol works is: > >Client connects to server using TCP on port 3050 >.... >Events are registered >Client request auxialiary connection from server >Server reponds with port number and IP address to make auxiliary connection >to >Client connects to specified auxiliary IP address and port using TCP >... > >The problem is if address translation is used. The client makes the >auxiliary connection to the address and port specified by the server, >however this information was not translated by the NAT box so the IP address >is wrong. It will be the LAN address of the server, not the WAN address of >the NAT gateway which is what it should be. > > > The remote interface should retain the original IP address of the server and use just the port number it receives. I don't know what I had in mind when I wrote the original code, but it's clearly wrong. -- Jim Starkey Netfrastructure, Inc. 978 526-1376 |
