On 19 Feb 2001, William Wise wrote: > > I don't see the point. The problem is not that we cannot connect > > outward through overly paranoid firewalls - in this case http proxies > > - but that we are a peer to peer system, so users need to be able to > > be connected to. Correct me if I'm wrong, but I don't see anything > > about SOAP which opens any backwards holes through firewalls. > > If you are given a static IP or dynamic IP from a pool of valid Class x > addresses and your firewall allows you to accept connections through > port 80 (this is the situation at my college campus) then it should be > possible for you to receive a SOAP message on port 80. I don't think > this would work in the case of NAT/PAT on the router.
I was not aware that such a configuration was in use, and even given that it is for you, I think you are in the minority. I am very wary about using SOAP for firewall peircing from the outside, because I generally don't think that trying to fight the sysadmins in that sort of whack-a-mole game is worth it - if they want to keep people from being able to connect to internal nodes, they can figure out how (Bruce Schneier's Cryptogram blasted SOAP on this point a few months back). > Let me know if I'm not making sense as my forte is programming but this > jives with what I know about the operation of firewalls and networking > in general. However, it seems as long as you're allowed http > connections on port 80 you should be able to have your code invoked > programmatically under the web services architecture. Yes, but given that this is a rather unusual configurtion, and given that it's just a matter of time before admins that are already filtering for http start filtering for specific applications pretending to be http, I can't see that this owuld be worth it. > > Will > > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://www.uprizer.com/mailman/listinfo/devl > _______________________________________________ Devl mailing list Devl at freenetproject.org http://www.uprizer.com/mailman/listinfo/devl
