On Tue, Oct 17, 2000 at 11:55:49AM -1000, Kevin Saenz wrote:
> Hi has anyone had any joy allowing oracle plus/sql through a firewall?
Not really recommended from a security point of view. A firewall really needs
to be able to analyse data that passes through and be able to stop unauthorised
data from getting out. You will have much tighter control of the data if you
write your own application that sits between the firewall and the database.
If, however, you still want to proxy direct connections to the database...
> Does anyone know what ports TNS use when sending and recieving
> information
I take it you want to proxy connections to the "LISTENER"? This is defined
in the config file $ORACLE_HOME/network/admin/listener.ora. A sample
listener.ora file may look something like this (names changed to protect the
innocent) :
# LISTENER.ORA Configuration File:/pkgs/oracle_root/u01/app/oracle/product/8.1.6
/network/admin/listener.ora
# Generated by Oracle configuration tools.
LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC))
)
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = penguin)(PORT = 1521))
)
)
(DESCRIPTION =
(PROTOCOL_STACK =
(PRESENTATION = GIOP)
(SESSION = RAW)
)
(ADDRESS = (PROTOCOL = TCP)(HOST = penguin)(PORT = 2481))
)
)
SID_LIST_LISTENER =
(SID_LIST =
(SID_DESC =
(SID_NAME = PLSExtProc)
(ORACLE_HOME = /pkgs/oracle_root/u01/app/oracle/product/8.1.6)
(PROGRAM = extproc)
)
(SID_DESC =
(GLOBAL_DBNAME = db1.domain1)
(ORACLE_HOME = /pkgs/oracle_root/u01/app/oracle/product/8.1.6)
(SID_NAME = db1)
)
)
>From the above config Oracle allows its proprietary protocol to connect to
port 1521 of the server penguin and the GIOP protocol (i.e. CORBA) to
connect to port 2481.
See the doco on the lsnrctl utility for more details.
Rob.
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
