Date: Tue, 6 Jul 1999 10:28:54 +0400 From: ryndin@mtk.comcor.ru To: questions@freebsd.org Cc: hackers@freebsd.org Subject: Firewall and Oracle SQLNet Message-ID: <C32567A6.002397B2.00@mtk.comcor.ru>
next in thread | raw e-mail | index | archive | help
Hi everybody! Does anybody manage to install firewall before an Oracle SQL Server? We need to allow a few remote users to connect to our Oracle SQL Server. We install FreeBSD box with ipfw and discover next problem: we allow for remote users to connect to the Oracle box using port mentioned in SQLNet listener configuration (1521). But remote user try to connect twice: first time using port mentioned above and second time using some other port, which, as we suggest, Oracle server sent him during first connection. This port value start from 1030 (after Oracle restart) and increase after each connection and we don't manage to find it upper limit. As we suggest, Oracle uses second port to resolve sessions. We think that it is not a very good idea to allow users to connect to our server using such a wide port range. We look through all Oracle documentation and don't find any mention about the second connection. Oracle's people said that we need to use Oracle certified firewall, but it cost about 30000 backs and what hell of it!!!!! The question is does anybody managed to restrict Oracle in range of using second port values or have any idea about how to do it (there is no way to configure it in SQLNet configuration file). Thanks in advance, Alexey Ryndin. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C32567A6.002397B2.00>