Re: CVS behind a firewall.
Tarun Garg writes: Does the cvs client randomly pick up ports at the client end ( in case of pserver)? Yes. That's the way essentially *all* TCP/IP clients work -- only the server uses a well-known port. Can I specify the port to be used at the client side ? No. Or is there something wrong with our firewalling ( or proxy) software? No. Is there something wrong with my understanding/expectation ? Yours or your firewall administrator's. You need need to configure the firewall to allow outgoing connections from any (non-reserved) port to port 2401. The rule should look almost exactly like the rule for telnet except for the different well-known port number. -Larry Jones The surgeon general should issue a warning about playing with girls. -- Calvin ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
Re: CVS behind a firewall.
Thanks Larry. You've solved my problem and improved my basic understanding ( and that of my network administrator too !!). - Original Message - From: Larry Jones [EMAIL PROTECTED] To: Tarun Garg [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Saturday, October 13, 2001 10:36 PM Subject: Re: CVS behind a firewall. Tarun Garg writes: Does the cvs client randomly pick up ports at the client end ( in case of pserver)? Yes. That's the way essentially *all* TCP/IP clients work -- only the server uses a well-known port. Can I specify the port to be used at the client side ? No. Or is there something wrong with our firewalling ( or proxy) software? No. Is there something wrong with my understanding/expectation ? Yours or your firewall administrator's. You need need to configure the firewall to allow outgoing connections from any (non-reserved) port to port 2401. The rule should look almost exactly like the rule for telnet except for the different well-known port number. -Larry Jones The surgeon general should issue a warning about playing with girls. -- Calvin ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
Re: CVS behind a firewall.
What understanding did you gain? I have the same problem, but do not restrict ANY outgoing ports. In gnu.cvs.help, you wrote: Thanks Larry. You've solved my problem and improved my basic understanding ( and that of my network administrator too !!). - Original Message - From: Larry Jones [EMAIL PROTECTED] To: Tarun Garg [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Saturday, October 13, 2001 10:36 PM Subject: Re: CVS behind a firewall. Tarun Garg writes: Does the cvs client randomly pick up ports at the client end ( in case of pserver)? Yes. That's the way essentially *all* TCP/IP clients work -- only the server uses a well-known port. Can I specify the port to be used at the client side ? No. Or is there something wrong with our firewalling ( or proxy) software? No. Is there something wrong with my understanding/expectation ? Yours or your firewall administrator's. You need need to configure the firewall to allow outgoing connections from any (non-reserved) port to port 2401. The rule should look almost exactly like the rule for telnet except for the different well-known port number. -Larry Jones The surgeon general should issue a warning about playing with girls. -- Calvin -- -- William Burrow -- New Brunswick, Canada o Copyright 2001 William Burrow ~ /\ ~ ()() ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
RE: CVS behind a firewall.
Which incoming ports do you restrict ? You should probably restrict 0-1023,5990-6009,2401(:)),5432 (and a few others). If you restrict them all then no packets can come through unless you set up a specific 2401 tcp proxy server. My strong suggestion is to ask a different mailing list, you'll probably get a better answer. If you're desperate, I can give you an ipchains (need a Linux 2.2 kernel afaik) script that I use and works fine for me. There are a whole bunch of ip firewall scripts on freshmeat. Try one of those. G -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of William Burrow Sent: Saturday, October 13, 2001 3:06 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: CVS behind a firewall. What understanding did you gain? I have the same problem, but do not restrict ANY outgoing ports. In gnu.cvs.help, you wrote: Thanks Larry. You've solved my problem and improved my basic understanding ( and that of my network administrator too !!). - Original Message - From: Larry Jones [EMAIL PROTECTED] To: Tarun Garg [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Saturday, October 13, 2001 10:36 PM Subject: Re: CVS behind a firewall. Tarun Garg writes: Does the cvs client randomly pick up ports at the client end ( in case of pserver)? Yes. That's the way essentially *all* TCP/IP clients work -- only the server uses a well-known port. Can I specify the port to be used at the client side ? No. Or is there something wrong with our firewalling ( or proxy) software? No. Is there something wrong with my understanding/expectation ? Yours or your firewall administrator's. You need need to configure the firewall to allow outgoing connections from any (non-reserved) port to port 2401. The rule should look almost exactly like the rule for telnet except for the different well-known port number. -Larry Jones The surgeon general should issue a warning about playing with girls. -- Calvin -- -- William Burrow -- New Brunswick, Canada o Copyright 2001 William Burrow ~ /\ ~ ()() ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs