From mboxrd@z Thu Jan  1 00:00:00 1970
From: bert hubert <ahu@ds9a.nl>
Date: Thu, 04 Jul 2002 14:34:20 +0000
Subject: Re: [LARTC] Allowing CVS, RCP & SCP
Message-Id: <marc-lartc-102579332725183@msgid-missing>
List-Id: <lartc.vger.kernel.org>
References: <marc-lartc-102578552518735@msgid-missing>
In-Reply-To: <marc-lartc-102578552518735@msgid-missing>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

On Thu, Jul 04, 2002 at 02:01:07PM +0100, Alex Bennee wrote:
> A. Peter Mee said:
> > Hi all,
> >
> > Could someone give me some pointers to achieving stable cvs and rcp
> > access through a fairly restrictive firewall.  I'm using a 2.4.18
> > kernel which defaults to dropping everthing, then punching holes where
> > needed and SNATting the internal network.  Single-socket protocols
> > (http, smtp, pop3) do currently function correctly through the firewall
> > so I'm assuming the cvs and rcp/scp protocols are not single-socket.
> > The ftp and irc protocols also function correctly through the firewall.
> 
> ssh is a single socket protocol. If you can ssh through your firewall then
> you can use scp. You can even tunnel other ports over the single ssh
> connection (e.g. X).
> 
> CVS isn't a network protocol. You generally run it using remote shell tools,
> in the CVS manual it allows you to specifify how with the CVS_RSH evrionment
> variable.

CVS 'pserver' lives on port 2401. Use netstat -an to see which ports have
LISTENing sockets, and open up those ports.

Regards,

bert

-- 
http://www.PowerDNS.com          Versatile DNS Software & Services
http://www.tk                              the dot in .tk
http://lartc.org           Linux Advanced Routing & Traffic Control HOWTO
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/