[ale] Remote controlled port forwarder

[Atlanta Geek]

We have used IP tables as a proof of concept approach. However we have
ran into headaches with this.
We would create the rules whenever a device is registered with the
application. The problem is that registration is through a web
application, we have to give the web user sudo access to forward ports
to the device Also we have to parse the result of iptables -L to
confirm the port forwarding has not already been done.  I also really
hate doing system calls from web applications, it seems like a hack.
If IPtables has an API then maybe that would be a better solution.


On Mon, Jun 23, 2008 at 11:34 AM, JK <jknapka at kneuro.net> wrote:
> Atlanta Geek wrote:
>> Hello All,
>> I have a flex application that needs to talk to another device over a
>> socket. The rules for flex (similar to Java) are that you can only
>> open sockets back to the server you originated from (unless given
>> special permission otherwise) I was thinking I could get around this
>> by running a port forwarding application on the server. However I
>> prefer this to run in User space and that the ports could be changed
>> from another application without restarting the port forwarding
>> application. (eg dont want to modify the config file and then restart
>> the server)
>> Any suggestions.
>
>
> If humans are going to manually set up the forwarded ports, I would
> dispense with having an application on the server for this, and
> simply use iptables to configure in-kernel port forwarding.  You
> could slap some kinda GUI on top of the iptables command if desired
> (I imagine this has already been done several dozen times).
>
> -- JK
>
> --
> I do not particularly want to go where the money is -
>  it usually does not smell nice there. -- A. Stepanov
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>



-- 
Stability is for the weak!!!
Long live the next big thing.