HylaFAX The world's most advanced open source fax server


[hylafax-users] using faxsend/faxstat behind a nat firewall - REVISITED - how does the passive connection work?



You've seen these kinds of questions before. Here's my twist: I want to modify the source code to faxsend / InetTransport.c++: 176

I have a test machine/client sitting behind a Linksys wrt54gl router. Our main server is not firewalled at all. I adjusted the hosts.hfaxd file on the main server to let me login/check status.

When I try to use faxsend/faxstat from my test machine, it fails. It hangs while waiting for a response from the server. (LIST status).

I have several problems in my home setup - I have a firewall+nat. I've read the posts about how I should set up a true Linux based firewall to properly handle this. Unfortunately I don't want to dedicate yet another machine to my setup. Plus, this is "at home". It's not enterprise class - I just want to check my status here and there.

In this particular case, I used faxstat -v to attempt to monitor what was sent (and an strace as well) from my client machine.

It appears to be sending an ip address + port number to the server. I presume the server then connects to this ip addr+port number on the client. The problem is that the ip address sent to the server is the internal ip address of the client (192.168.1.100) rather than the externally visible address.

So I tried setting up my machine as a DMZ / port forward, but neither of those worked, nor should they. If the server tries to connect to 192.168.1.100 it will fail. Connection monitoring can only go so far to map an external port+ip addr to the internal port+ip addr, right? If we give it the wrong ip address as part of the protocol, then it would not be able to map this - unless it's watching the tftp session itself?

So I figured I could tweak the faxsend + source code to submit the externally visible ip address rather than the internal non-routable address. That leaves the connection monitoring problem. If I fix this address, will connection monitoring generally just "work"? Or do I need a better router to properly handle (and transmogrify) the connection monitoring?

How about hacking/fixing it whole hog: Is it possible to request a specific port to open/listen to on the client rather than one the operating system provides? E.g. can I ask for a port in a certain range? That way I could tweak faxsend to listen on an open port within a range on my client. Then I can set my router to map these ports to the client. And finally, I can tweak faxsend to send a particular ip address to the server, so that it can find me on the return path?

Thanks!
  --eric

Eric Peers
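
The two changes the post asks about (a data listener on a port from a fixed range, and advertising the externally visible address), as an added sketch that is neither part of the original post nor HylaFAX code. It assumes the address is sent as an FTP-style `PORT h1,h2,h3,h4,p1,p2` argument; the function names, the range 50000-50019 and the address 203.0.113.7 are constructed for illustration.

```cpp
// Added example, not HylaFAX code. Assumes an FTP-style PORT argument
// ("h1,h2,h3,h4,p1,p2"); the address and port range are constructed values.
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <unistd.h>
#include <cstdio>
#include <cstring>
#include <string>

// Listen on the first free TCP port in [lo, hi]; returns the fd (or -1) and
// stores the chosen port. The router forwards exactly this range to the client.
int listenInRange(unsigned lo, unsigned hi, unsigned& port) {
    for (unsigned p = lo; p <= hi; p++) {
        int fd = socket(AF_INET, SOCK_STREAM, 0);
        if (fd < 0) return -1;
        sockaddr_in sin;
        memset(&sin, 0, sizeof(sin));
        sin.sin_family = AF_INET;
        sin.sin_addr.s_addr = htonl(INADDR_ANY);
        sin.sin_port = htons((unsigned short)p);   // explicit port, not 0 (OS-chosen)
        if (bind(fd, (sockaddr*)&sin, sizeof(sin)) == 0 && listen(fd, 1) == 0) {
            port = p;
            return fd;
        }
        close(fd);                                  // port busy: try the next one
    }
    return -1;
}

// Build the PORT argument from the router's external address instead of the
// address getsockname() reports (the private 192.168.x.x one).
std::string portArg(const char* externalIp, unsigned port) {
    in_addr a;
    if (port == 0 || port > 65535 || inet_pton(AF_INET, externalIp, &a) != 1)
        return "";                                  // reject bad input
    const unsigned char* b = (const unsigned char*)&a.s_addr;
    char buf[32];
    snprintf(buf, sizeof(buf), "%u,%u,%u,%u,%u,%u",
             b[0], b[1], b[2], b[3], port >> 8, port & 0xff);
    return buf;
}

int main() {
    unsigned port = 0;
    int fd = listenInRange(50000, 50019, port);
    if (fd < 0) { perror("listenInRange"); return 1; }
    printf("PORT %s\n", portArg("203.0.113.7", port).c_str());
    close(fd);
    return 0;
}
```

Keep the forwarded range as narrow as the number of concurrent transfers allows, since every port in it is reachable from outside whenever something on the client is listening there.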


