monotone-devel

Re: netsync with port forwarding


From: Hendrik Boom
Subject: Re: netsync with port forwarding
Date: Sun, 6 Jun 2021 13:23:15 -0400
User-agent: NeoMutt/20170113 (1.7.2)

On Sun, Jun 06, 2021 at 05:03:21PM +0200, Michael Raskin wrote:
> >On Sun, Jun 06, 2021 at 10:51:21AM +0200, Michael Raskin wrote:
> >> >Or is there some other way of achieving the same result -- letting 
> >> >netsync work when I'm not at home?
> >> 
> >> As an «adapt to the modem» approach, I would consider forwarding SSH and
> >> either port forwarding netsync in SSH connection or directly using SSH
> >> repository address (which means netsync through standard input/output
> >> through SSH).
> >
> >Two approaches here.
> >
> >(1) persuade modem to do the right thing with port 4691.
> >I've already done that, but it didn't help.  Presumably because port
> >forwarding is more complicated than just rewriting packets.  It is also 
> >necessary to do some kind of connexion tracking so that replies to 
> >incoming connexions are properly treated.
> >
> >It's entirely possible that the incoming netsync connection is properly 
> >routed to usher, but that usher's reply is not getting out through the 
> >modem.
> >
> >Netsync relies on some underlying conventions on the use of TCP for a 
> >two-way connexion.  Is there some other protocol that shares these 
> >conventions?  If so I could tell the modem that this other protocol is 
> >now being used on port 4691.
> 
> I would frankly start with tcpdump on both sides while trying to connect
> from outside. Routers can break so many things it is not even funny…

I know.  A port forwarding NAT is an intense kludge.

There was once a publicly accessible site of monotone repositories 
called something like mtn-prjk.net -- a kind of github for monotone.  
That would have accomplished my desire.  Alas!  it exists no more.

Does netsync support IPv6?

If so there will still be the question of whether the public and the 
coffee shops do.

-- hendrik

> 
> >(2) use ssh.
> >
> >I guess that would involve the ssh: URI's instead of mtn: URI's
> >
> >But this is a solution that works for me only.
> >
> >I'd like some of these repositories to be readable 
> >by the public.  Monotone itself has enough safeguards on a netsync 
> >connexion for this.  But even if I use a separate account for monotone 
> >repositories, someone that can use ssh to access monotone can also 
> >use ssh directly and attack the repositories (by tricks like rm).
> >
> >Or is some kind of limiter possible with ssh usage?
> 
> On the one hand it is, on the other one needs to be quite careful 
> setting it up to not leave a hole.

Maybe an account whose shell is usher?  Or something that knows how to 
usher?

-- hendrik


