Archive of UserLand's first discussion group, started October 5, 1998.

Re: Firewalls, Hooray

Author:William Crim
Posted:5/5/2000; 4:29:30 PM
Topic:scriptingNews outline for 5/5/2000
Msg #:17030 (In response to 17025)
Prev/Next:17029 / 17031

Have Pike open a connection to the server. Keep the connection open. If the server needs to send stuff to the client, just send it down the old connection. So long as a connection Starts from the client inside the firewall, data can travel both ways. The firewall knows that Client1 has a connection to ManilaServer on outgoing port XXX. Once the client has opened the connection, data flow can be initiated both ways.

Think about telnet. You telnet to the server, and you have a constant connection to that server. That server can send you data, and you can send it data. HTTP opens a connection long enough to send a request, and get the result, then it closes the connection. In FTP, you connect to an FTP server. You can either use GET to get data off the server, or PUT to put data on the server. This is because the control of the pipe is two-way.

Because Pike uses XML-RPC through HTTP-POST, it sends the server a message, the server sends a response then closes the connection. Thats how HTTP was designed. Now, if the server wants to initiate a conversation with Pike, it has to do the same thing, which is to say, attach to it like a server. Since HTTP-POST is merely an encapsulation of XML, there is no reason XML-RPC has to use stateless HTTP connections. Pike could just open a connection to the server, keep it open, then both client and server could talk whenever they wanted.

Firewalls only prevent people from the outside from starting the conversation. They don't usually stop you from initiating, and continuing a conversation.

There are responses to this message:

This page was archived on 6/13/2001; 4:55:05 PM.

© Copyright 1998-2001 UserLand Software, Inc.