Re: Real world IP address of a machine behind a firewall ?

To: Shaul Karl <shaul@rakefet.debian.org>
Cc: debian-user@lists.debian.org
Subject: Re: Real world IP address of a machine behind a firewall ?
From: Kevin Heath <kevh@cgocable.net>
Date: Mon, 15 Nov 1999 17:09:04 -0500
Message-id: <[🔎] 19991115170904.A30071@cgocable.net>
In-reply-to: <[🔎] E11n71n-00069v-00@rakefet>; from shaul@rakefet.debian.org on Sun, Nov 14, 1999 at 11:17:32PM +0200
References: <[🔎] Pine.LNX.3.96.991112165648.1044B-100000@schmain.linuxexpert.org> <bschramm@schramms.yi.org> <[🔎] E11n71n-00069v-00@rakefet>

On Sun, Nov 14, 1999 at 11:17:32PM +0200, Shaul Karl wrote:
> I am behind a firewall and/or Proxy server (I still have to learn what is the 
> difference between those 2 and when to use each).

A firewall is a machine that sits between you and your default
internet gatway that blocks and/or modifies IP traffic which meets
certain criteria.  For example, it might block certain tcp or udp
ports, or it might change the the source address of your packets to
its own, allowing you to safely use reserved addresses (this is how
Linux's IP masquerading works.)

A proxy server is a machine which requests, locally stores,
relays frequently accessed network data for client machines.  If
it's a "transparent proxy" (which I think it is in your case), then
it is getting your data requests on certain port numbers (for
example, port 80 for http or web traffic) automatically redirected
to it by a firewall (which may actually be the same machine.)
Non-tranparent proxies require you to explictly request their
services.

> 1) How can I find out the IP address that the Proxy server shows to other 
> hosts on the Internet when I am connecting to them ? Is this address fixed ?

Just go to this page--it should list what address it thinks you
have:  http://www.webtrends.net/tools/security/antionline/

The address sites see would depend on which proxy server actually
makes the request, and whether or not it does any firewall-like
mangleing of IP headers.  Non-transparent proxies usually just give
their own address.  I'm not sure what transparent ones do--but I'm
pretty sure they could use your actual address if they wanted to.

> 2) Does any one can comment on using yi.org with a situation like mine ?

I can't see why it wouldn't work, but you should probably ask in
comp.protocols.dns to find out for sure (I really don't no anything
about dynamic DNS).  Also ask your internet provider if they block
tcp/udp ports 53 from going in or out.

> 3) Is there a specific HOWTO/FAQ etc about things you can do and how to do it 
> when you are behind firewall and/or Proxy server ?

Not that I'm aware of.  The only issues that come to mind are that
sites which require HTML cookies usually won't work through a proxy,
and that you might have to configure your ftp software for "passive"
mode if the firewall blocks incoming port 20 connections.  If it's
an actual firewall, what other issues occur will depend on what kind
of things they block.

-Kevin

Reply to:

References:
- Problem with named
  - From: Brian Schramm <bschramm@schramms.yi.org>
- Real world IP address of a machine behind a firewall ?
  - From: Shaul Karl <shaul@rakefet.debian.org>

Prev by Date: Locale C not supported?
Next by Date: Segfault in libc -- call to malloc from libpng
Previous by thread: Real world IP address of a machine behind a firewall ?
Next by thread: networking options
Index(es):
- Date
- Thread