Re: Getting App to use same port
From: Barry Margolin (barmar_at_alum.mit.edu)
Date: 09/21/04
- Previous message: Cosmic Cruizer: "Getting App to use same port"
- In reply to: Cosmic Cruizer: "Getting App to use same port"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 20 Sep 2004 22:05:54 -0400
In article <Xns956AB5FDDD8DBccruizermydejacom@64.164.98.50>,
XXjbhuntxx@white-star.com (Cosmic Cruizer) wrote:
> I have a Solaris 8 box located in a DMZ. There is an RPC application on the
> box in the DMZ that needs to communicate with a box in our intranet. I've
> opened the port through the firewall for the RPC call to go from the DMZ to
> the intranet, but that is only half the battle. The application does not
> always send from the same port, therefore, the return path may be different
> each time. Since I am not allowed to open a wide range of ports, I need to
> have the application use the same port each time.
>
> How can I setup the box in the DMZ to use the same port each time?
There's no system-wide way to configure this, it's up to the
application. Normally, client applications just let the system pick the
next available port. Unless the application provides a configuration
option to force a particular port, that's what will happen.
You need a stateful firewall. When it sees the request packet, it will
remember the source port and allow the replies back through.
If you're using a Cisco router, I believe its CBAC mechanism can be used
for this.
-- Barry Margolin, barmar@alum.mit.edu Arlington, MA *** PLEASE post questions in newsgroups, not directly to me ***
- Previous message: Cosmic Cruizer: "Getting App to use same port"
- In reply to: Cosmic Cruizer: "Getting App to use same port"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
