Great Circle Associates Firewalls
(March 1993)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: WAIS: an overview
From: Jonny Goldman <jonathan @ Think . COM>
Date: Mon, 1 Mar 93 12:44:44 PST
To: brent @ GreatCircle . COM
Cc: firewalls @ GreatCircle . COM
In-reply-to: Brent Chapman's message of Mon, 01 Mar 93 10:54:24 -0800 <9303011854 . AA19435 @ mycroft . GreatCircle . COM>

   Date: Mon, 01 Mar 93 10:54:24 -0800
   From: Brent Chapman <brent @
 GreatCircle .
 COM>

   Jonny Goldman <jonathan @
 Think .
 COM> writes:

   # Server forwarding is built into every WAIS server, so if you can run a
   # server on your firewall host, you can tunnel to external servers using it.
   # Server forwarding uses the database-name field of the source description to
   # encode a remote server/port/database, of the form:
   # 
   #  db @
 host:port
   # 
   # You can easily modify the source description, replacing the :ip-name with
   # the name of your firewall, the :tcp-port with the port the server is using,
   # and the :database-name with the encoded name.  If your firewall can connect
   # to the remote server, you're done.  This is what the automatic forwarding
   # client code does.

   I assume that the forwarding server uses a random TCP port above 1024
   for its end of the conversation with the real server?  In other words,
   the forwarding server uses port 210 to talk to the internal client,
   and some random TCP port above 1024 to talk to the "real" server on
   the outside world?

Umm... If you mean some random CLIENT port, as is done by TCP, yes.  If you
mean some random SERVER port, no.  That's defined by the source desription
- whatever the :tcp-port field for the remote server.

Perhaps a little example of a forwarding database would help.

Let's say you're inside a site with a firewall running a WAIS forwarder on
a machine named internet-gateway on port 640.  If you wanted to talk to the
directory-of-servers, which runs on Quake.Think.COM on port 210
database-name "directory-of-servers", then the forwarding source
description would be:

(:source 
   :version  3 
   :ip-name "internet-gateway"
   :tcp-port 640
   :database-name "directory-of-servers @
 Quake .
 Think .
 COM:210"
   :cost 0.00 
   :cost-unit :free 
   :maintainer "wais-directory-of-servers @
 quake .
 think .
 com"
   :subjects "general guide WAIS servers"
   :description 
"Server created with WAIS-8 on Fri Mar  8 14:30:57 1991 by
 brewster @
 think .
 com
...
"
)

- Jonny G



References:
Indexed By Date Previous: Re: Appletalk through firewalls.
From: Mark Verber <verber @ parc . xerox . com>
Next: Re: Appletalk through firewalls.
From: Leland K. Neely <lkn @ llnl . gov>
Indexed By Thread Previous: Re: WAIS: an overview
From: Brent Chapman <brent @ GreatCircle . COM>
Next: RE: SecurID & ARA Appletalk
From: Leland K. Neely <lkn @ llnl . gov>

Google
 
Search Internet Search www.greatcircle.com