Scott Raney wrote:
>
> On Thu, 14 Sep 2000, Pierre Sahores wrote:
>
> > Phil Davis wrote:
> > >
> > > I would like MC to detect all incoming connection requests,
> > > regardless of the requested port, and respond by issuing a
> > > message. I envision a message whose parameters contain all
> > > available info on the connection request. If the connection
> > > request is for a port where the stack is listening, this message
> > > would be fired before the socket is opened. For example:
> > >
> > > on socketRequest pPortNum, pRequestData
> > > if pPortNum is among the lines of the permittedPorts of me
> > > then
> > > pass socketRequest
> > > else
> > > put short date && long time & tab \
> > > & pPortNum & tab \
> > > & digested(pRequestData) & cr \
> > > after url "file:log"
> > > end if
> > > end socketRequest
> > >
> > > Maybe it could be used to prevent the opening of an otherwise
> > > accepting port under certain conditions, similar to the way
> > > "closeStackRequest" can be used to prevent the closing of a stack.
> > >
> > > This feature would enable us to build things like firewalls that
> > > log all connection requests, whether they were honored or not.
> > >
> > > Does this sound useful to anyone besides me?
> > > --
> > > Phil Davis
> > > -----------------------------------
> > > [EMAIL PROTECTED]
> > > days: (503) 417-7930
> > > eves: (503) 557-5656
> > > -----------------------------------
> > > Facilitator
> > > Essentials of eBusiness Computing
> > > Information Technology Institute
> > > http://www.iti.com
> > >
> > > Archives: http://www.mail-archive.com/metacard%40lists.best.com/
> > > Info: http://www.xworlds.com/metacard/mailinglist.htm
> > > Please send bug reports to <[EMAIL PROTECTED]>, not this list.
> >
> >
> > That's would realy be a top key feature Phil, even on unixes, probably usable to
> > secure ip-chains configs...
> >
> > Is it a way to do that avalaible in mc, Scott ?
>
> I guess I really don't follow this. If what you're trying to build is
> some sort of proxy or firewall, this could probably be done with using
> the standard "accept" command.
It was just a question, as is ;-) and i was far sure about the answer.
I'm not trying anything in this way...
But there is no way for one process to
> "pass" a socket request onto another process, so you'd have to do it
> the way existing firewalls and proxies do: you accept a connection
> from outside and then open another a socket connection to the inside,
> then write data read from the outside socket to the inside socket.
> And I say "probably" because at least some types of socket-based
> protocols require access to low-level socket features not available in
> the MetaCard sockets API (out-of-band data being the most notable of
> these).
Thank's.
> Regards,
> Scott
>
> > Regards, Pierre Sahores
> >
> > WEB, DB, B2B & ASP design.
> > Because people develop knowledge from scratch
> > rather than being born with built-in knowledge,
> > we can adapt to different circumstances.
> > Sampson, Geoffrey. Educating Eve :
> > The "Language Instinct" debate.
> > London: Cassell, 1997 [1999].
>
> ********************************************************
> Scott Raney [EMAIL PROTECTED] http://www.metacard.com
> MetaCard: You know, there's an easier way to do that...
Regards, Pierre Sahores
WEB, DB, B2B & ASP design.
S'écouter ou écrire au fil de la plume,
remplir l'espace d'un vide imposteur...
Facile violence sans lien avec l'art de
penser et de produire du sens.
Archives: http://www.mail-archive.com/metacard%40lists.best.com/
Info: http://www.xworlds.com/metacard/mailinglist.htm
Please send bug reports to <[EMAIL PROTECTED]>, not this list.
