Right. In case you were not already familiar, most firewalls simply
block all in-bound traffic unless it's in response to some outbound
traffic. So if you make a request via your web browser, the response
from the web server is allowed back in. If some random snooper comes
knocking they get nothing. With a port map, you allow in certain kinds
of traffic, usually defined by what port they connect to, to connect to
one of your internal machines. So you could run an Apache web server on
your mac and set up a port map so anyone from the internet connecting to
port 80 (usually used for http) would get connected to your Mac on port
80. Likewise for ssh port 22. Most firewall/router boxes allow you to
set up port mapping but exactly how depends on what flavor of
firewall/router you use. The addresses starting with 192.168 are called
non-routable addresses which means even if somebody got through the
firewall they wouldn't be able to connect to your box. Your firewall
does a network address translation (NAT) every time your packets venture
out on the internet. So your non-routable internal address gets replaced
with a real public routable address as it passes through the router and
then that is reversed when the response comes back in. That way you can
have multiple internet machines with piles of addresses sharing one
public IP address.
CB
On 8/27/15 11:41 AM, Sabahattin Gucukoglu wrote:
Hi Gabriele,
You’re right, Skype is a good idea. It has NAT traversal built-in. It will
save you a lot of work.
Let’s say you’re insane and decide to do this the hard way anyway. Basically
what you have to do is tell the box that manages your Internet connection to
knock a hole in its firewall and send traffic destined for a port, say port 22
for remote login, to your Mac. You could try this tool to do it using a port
mapping protocol, which will open up the hole for a while:
http://codingmonkeys.de/portmap/
If that doesn’t work, next you’ll have to log in to your router and do it
yourself with the web interface. That, I’m sorry to say, is different by
router …
Finally create the new user account, and tell the remote side to scp or sftp to
your public IP address, as reported by PortMap or your router. They have to
log in with the user and password you give them. Finally they transfer the
file.
If that sounds like a lot of work just to send a file, that’s because it is. :(
--
¯\_(ツ)_/¯
--
You received this message because you are subscribed to the Google Groups
"MacVisionaries" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/macvisionaries.
For more options, visit https://groups.google.com/d/optout.
