<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: cipe-l,AT,inka,DOT,de
Subject: Re: Feature: Using just one port
From: "Eric M. Hopper" <hopper,AT,omnifarious,DOT,org>
Date: 17 Jun 2003 11:06:45 -0500
Cc: Allan Latham <alatham,AT,flexsys-group,DOT,com>
In-reply-to: <200306171603.55702.alatham@flexsys-group.com>
Organization: Omnifarious Software
References: <200306171603.55702.alatham@flexsys-group.com>

On Tue, 2003-06-17 at 09:03, Allan Latham wrote:
> 1. All remote stations will be setup to listen on a udp port just as now.
> 2. No two remote stations will use the same listen port.
> 3. All remote stations will send udp packets to the same IP and port.(i.e 
> the 
> real IP of the firewall and whatever port has been forwarded to the cipe 
> box).
> 4. On the cipe box on the firms network the cipe configuration will be such 
> that each interface listens on localhost on the same udp port as the remote 
> server is listening on.
> 5. On the cipe box I will run a proxy udp server which looks at the 
> incoming 
> udp packets and forwards them to the udp port on localhost that is the same 
> as the source udp port in the original packet.

That method is thwarted if the remote stations are behind a NAT, because
that will scramble the source port.  I presume you are aware of this,
but I brought it up just in case.

Have fun (if at all possible),
-- 
The best we can hope for concerning the people at large is that they
be properly armed.  -- Alexander Hamilton
-- Eric Hopper (hopper,AT,omnifarious,DOT,org  
http://www.omnifarious.org/~hopper) --

Attachment: signature.asc
Description: This is a digitally signed message part


<< | Thread Index | >> ]    [ << | Date Index | >> ]