Thanks to all who took the time to answer.
My question was: can I find somewhere a proxy-ftp daemon/client that I
can use to ftp directly from one machine inside our LAN to the
Internet through a firewal without IP forwarding?
It seems this kind of product exists, but is NOT public domain. ATT
runs a pftp on its gateway, and I don't think they will give the
sources for that :-).
Sun is selling a product called Igateway, including Itelnet/Iftp
clients and I guess some "Idaemon" relaying the telnet and ftp
protocol on the gateway.
A very interesting package has been written by David Koblas: socks. It
is available in s1.gov:/pub/socks.tar.Z. This package is "an Internet
socket service consisting of client library routines and a daemon
which interact through a simple protocol to provide and secure network
connectivity through a firewalll host". In other words, it provides
"socket connectivity" instead of IP connectivity.
This package requires that you have the sources of the application you
want to run in proxy-mode. It comes with a modified ftp, called rftp,
and the daemon, sockd.
Easy to install and configure, but it uses its own authorization
files.
Why not use the tcpd library (with /etc/hosts.{allow,deny})?
After installation, I ran into a problem that stopped me so far: socks
works with IP adresses. This means that you have to resolve the
hostname on your local host first. But if the firewall does no IP
forwarding, you can't resolve hostnames with DNS.
Thanks to
Christophe.Wolfhugel@grasp.insa-lyon.fr
Didier.Marion@sun.fr
adn@petrel.att.com
jeff@neon.rain.com
koblas@netcom.com
matthew@sunpix.East.Sun.COM
-- Alain Mellan Advanced Computer Research Institute 1 Bvd Marius Vivier Merle voice: (+33) 72 35 84 92 69443 LYON CEDEX 03 - FRANCE email: amellan@acri.fr
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:06:53 CDT