Get APLawrence.com by RSSNAT vs. Proxy server
What is this stuff?
If this isn't exactly what you wanted, please try our Search (there's a LOT of techy and non-techy stuff here about Linux, Unix, Mac OS X and just computers in general!):
From - Thu Sep 9 07:17:34 1999
Xref: world comp.unix.sco.misc:104903
Path: world!newsfeed.mathworks.com!logbridge.uoregon.edu!newsfeed.berkeley.edu!pln-w!spln!extra.newsguy.com!newsp.newsguy.com!enews3
From: Jeff Liebermann <jeffl@comix.santa-cruz.ca.us>
Newsgroups: comp.unix.sco.misc
Subject: Re: connecting osr5 to proxy
Date: Wed, 08 Sep 1999 20:58:48 -0700
Organization: Committee to Maintain and Independent Xenix
Lines: 56
Message-ID: <BSzXN07DTPDv2xyq8FSehObGgFha@4ax.com>
References: <37D5A6A2.D3B78D8E@junction.net> <19990907211911.K12335@jpradley.jpr.com> <37D66F90.8B34019B@home.com> <19990908121125.P15451@jpradley.jpr.com> <37D6AB1F.22C8DE1A@junction.net> <D+LWN4D=XF=18ZbMDlSOZa2VI2ic@4ax.com> <37D71698.3D56C745@home.com>
Reply-To: jeffl@comix.santa-cruz.ca.us
NNTP-Posting-Host: p-009.newsdawg.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Newsreader: Forte Agent 1.6/32.525
X-Mozilla-Status: 8011
On Thu, 09 Sep 1999 01:58:01 GMT, Scott Taylor <s.taylor@home.com>
wrote:
>So, I'm thinking go hardware proxy. One that can keep a dialup
>connection open and pass the email to the osr5.0.5 server. But can I
>route to a proxy, at command level, from OSR5?
No. I'll assume that you have some reason to do a proxy server
instead of just NAT/PAT. Usually, it's a security issue. The big
difference between a proxy server and an NAT/PAT box is that the proxy
server acts as the "end point" of a connection and opens a new
connection to the destination for both outgoing and incoming traffic.
The NAT/PAT box simply tweaks the IP addresses in the header and
passes everything through. This means that applications that talk to
a proxy server must know about how to deal with proxy servers. Rule
sets must be established for every service by IP socket number. This
is no fun, but very secure.
There is no way to have EVERYTHING just point to the proxy server and
declare that all socket numbers (services) will be re-connected by the
proxy server. You can do this but this defeats the purpose of the
proxy server. If this is what you want, you might as well go with the
NAT/PAT solution.
The way you do a specific service such as email (SMTP) is to bore
holes in the firewall and configure a proxy. The outside firewall
points to the proxy server on port 25, the proxy server points to the
OSR5 email host on port 25. You have to do this for every service in
/etc/services that you want to use. Most will work out of the box,
but some are difficult. For some hints, see:
http://www.tsmservices.com/masq/
which has the formulas for firewall and IP masquerading (PAT) to get
various programs and services to work.
Installation and light training Boston and New England
Reliable and experienced, punctual and professional.
You're probably familiar with the Netscape and IE Proxy configuration
page, where a proxy server is assigned for each service. It's like
that for every application you run and on each desktop. Each one
needs to be proxy server aware and individually configured for the
proxy server by IP service number. If the company has an internal
domain, it needs to be listed as an exeption so that its traffic
doesn't end up going via the internet. It's no fun but does work.
I tend to judge whether I need a proxy server, or can live with an NAT
box by the number of users or the traffic. If the user count is high
enough that security is a major issue, I usually go with the proxy
server. If the traffic includes a web server, where a web cache is
benificial, I use a Squid cache and proxy. However, if the traffic is
light and head count low, I prefer the NAT/PAT solution as it's much
cheaper and easier to impliment.
--
Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
(831)421-6491 pgr (831)426-1240 fax (831)336-2558 home
http://www.cruzio.com/~jeffl WB6SSY
jeffl@comix.santa-cruz.ca.us jeffl@cruzio.com
Enter your email address for automatic notification of new posts here
(be sure to whitelist 'feedburner.com' if you use spam filtering)
| Views for this page | ||||
|---|---|---|---|---|
| Today | This Week | This Month | This Year | Overall |
| 4 | 12 | 10 | 1,217 | 3,716 |
/Bofcusm/94.html copyright 1997-2004 (various authors) All Rights Reserved
Have you tried Searching this site?
Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates
This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.
http://www.breakthru.com.au SCO (Openserver and Unixware), Unix, Solaris and Linux Consulting services including: Secure Networking Solutions; Linux based Firewalls; Backup Solutions; Secure Home to Office Network Setup; Phone, Remote and On-Site Support available - Satisfaction Guaranteed!
UBB Computer Services Support for Openserver, Unixware and Linux. Windows integration with Unix/Linux servers. Hardware, Backup and Networking issues. Located near Sacramento CA, we provide onsite support throughout Northern CA and Nationwide via remote access. We are a SCO Authorized Partner and a Microlite BackupEdge Certified Reseller.
- Dec 3 14:01
Just went out and added more bungee reinforcement. That ought to hold it.. - Dec 3 13:58
I'm second guessing myself on how I bungeed the cover on my golf cart for winter storage. Wondering if high wind could rip it off..
Add your comments