Date: Thu, 24 Jul 2003 12:00:25 -0700 From: Luigi Rizzo <rizzo@icir.org> To: Diomidis Spinellis <dds@aueb.gr>, freebsd-hackers@freebsd.org Subject: Re: Network pipes Message-ID: <20030724120025.A33961@xorpc.icir.org> In-Reply-To: <20030724173640.GA10708@funkthat.com>; from gurney_j@efn.org on Thu, Jul 24, 2003 at 10:36:41AM -0700 References: <3F1F96A5.A7D2D221@aueb.gr> <20030724021426.A28546@xorpc.icir.org> <3F1FBD35.82A3629E@aueb.gr> <20030724173640.GA10708@funkthat.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jul 24, 2003 at 10:36:41AM -0700, John-Mark Gurney wrote: > Diomidis Spinellis wrote this message on Thu, Jul 24, 2003 at 14:04 +0300: > > separate command "netpipe". Netpipe takes as arguments the originating > > host, the socket port, the command to execute, and its arguments. > > Netpipe opens the socket back to the originating host, redirects its I/O > > to the socket, and execs the specified command. > > This breaks nat firewalls. It is very common occurance to only accept > incoming connections, and only on certain ports. This means any system > of firewill will probably be broken by this. :( actually it is the other way around -- this solution simply won't work on firewalled systems. But to tell the truth, i doubt you'd do a multi-gb backup through a nat and be worried about the encryption overhead. cheers luigi > i.e. behind a nat to a public system, the return connection can't be > established. From any system to a nat redirected ssh server, the > incoming connection won't make it to the destination machine. > > I think this should just be a utility like Luigi suggested. This will > help "solve" these problems. > > -- > John-Mark Gurney Voice: +1 415 225 5579 > > "All that I will do, has been done, All that I have, has not."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030724120025.A33961>