On Sat, 30 Jul 1994 fwnews @
callisto .
eci-esyst .
com wrote:
> I want to us the TIS toolkit to provide proxy services for Mosaic (Unix and Mac).
> Does this require that I use Plug-Gw (or other) or do I cover my bases by running
> Telnet-Gw and Ftp-Gw? In other words, what special things, if any, do I have to do to
> get the Mosaic to proxy through the firewall?
Look at comp.security.unix; some of this was covered within the past
week, I think.
IF you use the CERN httpd as a proxy, then it will handle FTP for you;
it will run on the firewall and talk FTP to the world and HTTP to your
Mosaic, Lynx, or other proxy-capable browser. Your browser will
launch a telnet session for you when a telnet URL is selected. This
is problematic with the TIS toolkit, since the browser will exec a
'telnet downwind.sprl.umich.edu 3000' command, whereas you really need
to telnet to the firewall and issue a 'con downwind.sprl.umich.edu
3000' command to the proxy. I've not tried to crack this nut, yet.
You have two choices in running the proxy itself; run it as a daemon
using its own authorization mechanism, which is similar to TIS', or run
it on-demand from inetd via netacl to use TIS' auth mechanism directly.
That is less efficient in terms of process spawning on the firewall,
but centralizes administration & logging.
References:
|
|
