I am conjuring ghosts from a past life here.... so....I am not sure how
correct I am....  In other words I am probably full of stuff :)

I think your problem is TCP wrappers and/or lack thereof.
I am willing to bet you that if you set up a VPN.... it would work like
gangbusters.


Mano.



On Mon, 11-04-2005, at 17:21 -0700, Mark Street wrote:
> I think I have an idea.  Below is the output from my /tmp/gtmlog.txt file 
> which logs all attempted connections to my server.  Below we see my 
> successful attempts along with unsuccessful attempts from Mano and my office. 
>  
> NOTE, the connections from Mano and my work are coming into the EXTERNAL 
> interface of my Linux server which is public address space, my internal 
> network is private 192.168.1.0/24.
> 
> Note below on the connection from work how a connection is established with 
> the public address of 66.224.30.98, no problem.  Then when the line 
> containing X=, XWBVER=1.108 we have the REAL PRIVATE address of my machine at 
> work 192.168.100.145!!!  Not masqueraded, different subnet..... hmmmmm.  Why 
> is my private address at work being used to make the TCPconnection when the 
> masqueraded IP of my work makes the initial INbound connection to the server.
> 
> First let's look at a successful connection log from my internal network.  
> The server gets a connection from 192.168.1.3, establishes a connection 
> TCPconnect on a high port 32862.  No problem.  Then a minute or so later we 
> get an attempted connection from Mano in Greece.  Note how his public IP 
> makes the initial connection, then his private address 192.168.0.2 is used 
> for the TCPconnect.
> 
> There must be something in the client that is passing that INTERNAL PRIVATE 
> address to the TCPConnect and messing everything up?????  I have been using 
> IP Masquerading and NAT for quite a while now and I haven't seen anything like 
> this before.
> 
> So, fire up those Delphi IDEs and sift through the code.  This client may be 
> programmed to work only on one subnet.  It grabs its IP from its host and 
> passes it to the server regardless of whether it is behind a NAT'd firewall 
> or not.  I don't know....  Someone with more brains than I can take a peek. 
> 
> Successful login from INternal network and failure from EXternal interface
> -----------------------
> APR 9,[EMAIL PROTECTED]:56:45  Got an inbound connection... 
> XWBTDEV("KEY")="CONNECT|
> h11130730050|192.168.1.3"
> APR 9,[EMAIL PROTECTED]:56:45  LEN={XWB}00063|
> APR 9,[EMAIL PROTECTED]:56:45  X=, XWBVER=1.108, LEN=00051, 
> MSG=TCPconnect^192.168.1.3^32862^localhost.localdomain^
> APR 9,[EMAIL PROTECTED]:56:45  Final 
> MSG='TCPconnect^192.168.1.3^32862^localhost.localdomain^'
> APR 9,[EMAIL PROTECTED]:56:45  Entering 'callback' mode
> APR 9,[EMAIL PROTECTED]:56:45  Entering the loop: X ^%ZOSF("INTERRUPT")
> APR 9,[EMAIL PROTECTED]:56:45  About to listen for connection...
> 
> APR 9,[EMAIL PROTECTED]:57:24  Got an inbound connection... 
> XWBTDEV("KEY")="CONNECT|
> h11130730440|83.235.97.122"
> APR 9,[EMAIL PROTECTED]:57:24  LEN={XWB}00060|
> APR 9,[EMAIL PROTECTED]:57:24  X=, XWBVER=1.108, LEN=00048, 
> MSG=TCPconnect^192.168.0.2^33560^mobile.geekdoc.org^
> APR 9,[EMAIL PROTECTED]:57:24  Final 
> MSG='TCPconnect^192.168.0.2^33560^mobile.geekdoc.org^'
> APR 9,[EMAIL PROTECTED]:57:24  Entering 'callback' mode
> APR 9,[EMAIL PROTECTED]:57:24  Entering the loop: X ^%ZOSF("INTERRUPT")
> APR 9,[EMAIL PROTECTED]:57:24  About to listen for connection...
> 
> 
> Attempted connection from my work place on EXTERNAL interface
> ----------------------------------------
> APR 11,[EMAIL PROTECTED]:07:16  Got an inbound connection... 
> XWBTDEV("KEY")="CONNECT|
> h1113  2392350|66.224.30.98"
> APR 11,[EMAIL PROTECTED]:07:16  LEN={XWB}00049|
> APR 11,[EMAIL PROTECTED]:07:16  X=, XWBVER=1.108, LEN=00037, 
> MSG=TCPconnect^192.168.100.145^3020^dell^
> APR 11,[EMAIL PROTECTED]:07:16  Final 
> MSG='TCPconnect^192.168.100.145^3020^dell^'
> APR 11,[EMAIL PROTECTED]:07:16  Entering 'callback' mode
> APR 11,[EMAIL PROTECTED]:07:16  Entering the loop: X ^%ZOSF("INTERRUPT")
> APR 11,[EMAIL PROTECTED]:07:16  About to listen for connection...
> 
> 
> APR 11,[EMAIL PROTECTED]:43:27  Got an inbound connection... 
> XWBTDEV("KEY")="CONNECT|
> h1113  2414070|66.224.30.98"
> APR 11,[EMAIL PROTECTED]:43:27  Entering the loop: X ^%ZOSF("INTERRUPT")
> APR 11,[EMAIL PROTECTED]:43:27  About to listen for connection...
> 
> APR 11,[EMAIL PROTECTED]:43:27  Got an inbound connection... 
> XWBTDEV("KEY")="CONNECT|
> h1113  2414070|66.224.30.98"
> APR 11,[EMAIL PROTECTED]:43:27  LEN={XWB}00049|
> APR 11,[EMAIL PROTECTED]:43:27  X=, XWBVER=1.108, LEN=00037, 
> MSG=TCPconnect^192.168.100.145^3083^dell^
> APR 11,[EMAIL PROTECTED]:43:27  Final 
> MSG='TCPconnect^192.168.100.145^3083^dell^'
> APR 11,[EMAIL PROTECTED]:43:27  Entering 'callback' mode
> APR 11,[EMAIL PROTECTED]:43:27  Entering the loop: X ^%ZOSF("INTERRUPT")
> APR 11,[EMAIL PROTECTED]:43:27  About to listen for connection...
> 
> 
> On Monday 11 April 2005 14:58, Kevin Toppenberg wrote:
> > This sounds very much like the problem we were having
> > at the WorldVistA conference.  I think we decided that
> > it was the old "CPRS can't connect through a
> > firewall/router problem."  Supposedly newer versions
> > of CPRS have been modified to fix this problem.  I had
> > a patch that specified a callback port--but I don't
> > think it ended up solving the problem either.
> >
> > > If I try to connect from outside my private network
> > > (my server has two
> > > interfaces, int. and ext.) I don't get a successful
> > > connection, I do get a
> > > file created XWBTCPL.mjo in vista's home dir the
> > > error message in the file
> > > states "HOME DEVICE DOES NOT EXIST IN THE DEVICE
> > > FILE".
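
Added example, not part of the thread or of the broker code: a small Python audit of a log in the gtmlog.txt layout quoted above. It pairs the peer address in each `CONNECT|...|addr` key with the address the client put in its `TCPconnect` message and flags callbacks that point at a private address behind NAT. The sample log is constructed (wrapped lines joined, placeholder timestamps, documentation-range public addresses), and the function names and verdict labels are this example's own.

```python
import ipaddress
import re

# Constructed sample in the layout of the quoted gtmlog.txt: wrapped lines are
# joined, timestamps are placeholders, public peers use 203.0.113.0/24.
SAMPLE_LOG = """\
T1  Got an inbound connection... XWBTDEV("KEY")="CONNECT|h1|192.168.1.3"
T1  X=, XWBVER=1.108, LEN=00051, MSG=TCPconnect^192.168.1.3^32862^localhost.localdomain^
T2  Got an inbound connection... XWBTDEV("KEY")="CONNECT|h2|203.0.113.7"
T2  Entering the loop: X ^%ZOSF("INTERRUPT")
T3  Got an inbound connection... XWBTDEV("KEY")="CONNECT|h3|203.0.113.7"
T3  X=, XWBVER=1.108, LEN=00037, MSG=TCPconnect^192.168.100.145^3020^dell^
"""

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
PEER_RE = re.compile(r'"CONNECT\|[^|"]*\|([0-9.]+)"')            # address the server saw
MSG_RE = re.compile(r"MSG=TCPconnect\^([0-9.]+)\^(\d+)\^([^^]*)\^")  # address the client sent


def is_rfc1918(addr):
    return any(ipaddress.ip_address(addr) in net for net in RFC1918)


def classify(peer, advertised):
    """Compare the socket peer with the callback address the client advertised."""
    if advertised is None:
        return "no_tcpconnect"        # no TCPconnect line logged for this connection
    if advertised == peer:
        return "match"                # callback target is the real peer
    if is_rfc1918(advertised) and not is_rfc1918(peer):
        return "private_behind_nat"   # server has no route back to that address
    return "mismatch"


def audit_callbacks(log_text):
    """Return one (peer, advertised, port, verdict) tuple per inbound connection."""
    results, peer = [], None
    for line in log_text.splitlines():
        if (m := PEER_RE.search(line)):
            if peer is not None:      # previous connection never sent TCPconnect
                results.append((peer, None, None, classify(peer, None)))
            peer = m.group(1)
        elif peer is not None and (m := MSG_RE.search(line)):
            adv, port = m.group(1), int(m.group(2))
            results.append((peer, adv, port, classify(peer, adv)))
            peer = None
    if peer is not None:
        results.append((peer, None, None, classify(peer, None)))
    return results
```

Every `private_behind_nat` row is a client whose callback the server cannot reach, which is the pattern in both external attempts in the quoted log.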


