Pablo Angulo wrote: >> I don't use Linux, so I don't know the syntax for the firewall. But any >> half-reasonable firewall will allow you to open only a specific port. > I'd rather allow the host to communicate only with the sage server using > a filter for the ip. > > Almost any linux distro has iptables installed, and it's very easy to > find examples (see https://help.ubuntu.com/community/IptablesHowTo, for > example). Recently I found ufw (for uncomplicated firewall), which comes > with an really simple grafical interface: gufw. You don't need a > tutorial to use gufw. >
Are you saying iptables allows you to open a port (8000), but only Sage can use that port, and not another process that run at port 8000? If so, that is something ipfilter can't do to my knowledge. If port 8000 is opened, then any process that listens on port 8000 can run as a server. But of course, once the first process opens port 8000, nothing else can open the port. So one can't eavesdrop by creating another monitor of port 8000. My Dad has a dynamic IP address. Using dydns.org, he has a fixed domain name. I use that to get his IP address, then update the firewall every 10 minutes. So if I visit him, I can always SSH into my machine from his place, but nowhere else. Creating a firewall which dynamically changes is probably not possible with a GUI! Dave -- To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/sage-support URL: http://www.sagemath.org
