- #
- # File: HOW-IT-WORKS
- # Author: G. Paul Ziemba <paul@alantec.com>
- # SCCS: @(#)HOW-IT-WORKS 1.1 3/2/93
- # Purpose: principles of operation
- #
-
-
- Tcpr is designed to allow clients on an internal network to telnet
- and ftp through an existing "firewall" host (i.e., a host that has
- IP forwarding disabled) to the outside world. There are three
- programs in this package; please refer to the picture below.
-
-
-
- +-----------+               +---------------+
- |  client   |               |   firewall    |
- |   host    |               |     host      |
- +-----------+               +---------------+
- |           |               |               |
- |  pclient  |-------------->|    tcprpmd    |
- |           |               |               |
- |           |               |   tcprelay    |
- +-----------+               +---------------+
-                                     |
-                                     |
-                                     +-------> To remote host on
-                                               outside network
-
- The pclient program gets linked to the names "pftp" and "ptelnet".
- The name it is called with determines the type of service it requests,
- and also which program (telnet or ftp) gets called after the connection
- gets set up.
-
- When pclient is invoked, it connects to the tcprpmd server on the
- firewall. It then passes information about the desired remote server
- (specifically, server address and port number) to tcprpmd.
-
- Tcprpmd then calls tcprelay to actually set up the proxy connection.
- Tcprelay connects to the remote host using the address and port number
- given via tcprpmd. After the connection is successful, it listens on
- a port on the firewall host. It tells tcprpmd what port number it is
- listening on.
-
- Tcprpmd relays the firewall port number back to pclient; pclient
- then invokes telnet or ftp _to the firewall_ on the port number it
- obtained from tcprpmd.
-
- After tcprelay has accepted the connection from the client telnet/ftp,
- it simply copies data in both directions between the client and the
- remote host. When it gets an EOF on one of the streams, it exits.
-
- Special handling is implemented to deal with ftp data connections.
- In normal operation, when the client ftp requests a transfer, it first
- sends a PORT command to the server on their control connection (the
- control connection is the connection that we set up above). The port
- command has parameters that describe the IP address and TCP port number
- on which the client is listening, in expectation that the server will
- set up a new stream connection to the client to transfer data.
-
- The tcprelay program scans the control stream from the client
- as it copies it to the remote server. If it sees a PORT command,
- it interposes itself by setting up an additional pair of connections
- for the data. It uses the parameters from the PORT command to connect
- to the ftp client, does a listen on a new port, and then generates a new
- PORT command (with its own parameters) to send to the remote server.
- It forwards in both directions on the data connection until EOF.
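
The PORT rewriting described above, as an added Python example that is not tcpr's own code: it parses the client's PORT line, builds the replacement that advertises the relay's data listener, and copies every other command unchanged. The function names, the sample addresses and the check that the PORT address equals the control connection's peer are assumptions added here, not taken from the package.

```python
import re

# PORT h1,h2,h3,h4,p1,p2 (RFC 959): four address octets, then the port as two bytes.
PORT_RE = re.compile(rb"^PORT[ ]+(\d{1,3}(?:,\d{1,3}){5})[ ]*\r?\n$", re.IGNORECASE)


def parse_port(line):
    """Return (ip, port) from a PORT command line, or None if it is not one."""
    m = PORT_RE.match(line)
    if m is None:
        return None
    fields = [int(f) for f in m.group(1).split(b",")]
    if any(f > 255 for f in fields):
        raise ValueError("PORT field out of range")
    ip = ".".join(str(f) for f in fields[:4])
    return ip, fields[4] * 256 + fields[5]


def format_port(ip, port):
    """Build the PORT line advertising ip:port."""
    args = ip.split(".") + [str(port >> 8), str(port & 0xFF)]
    return ("PORT " + ",".join(args) + "\r\n").encode("ascii")


def rewrite_port(line, client_peer_ip, relay_ip, relay_port):
    """Return (line_for_server, client_data_endpoint_or_None).

    Added check, not described in HOW-IT-WORKS: the address in PORT must be
    the control connection's peer, so the relay never dials a third host.
    """
    parsed = parse_port(line)
    if parsed is None:
        return line, None  # any other command is copied unchanged
    ip, port = parsed
    if ip != client_peer_ip:
        raise ValueError("PORT address %s is not the client %s" % (ip, client_peer_ip))
    return format_port(relay_ip, relay_port), (ip, port)


if __name__ == "__main__":
    # Constructed sample: client 10.0.0.5 listening on 4097 (16*256 + 1);
    # relay data listener at 192.0.2.1:20000 (78*256 + 32).
    print(rewrite_port(b"PORT 10,0,0,5,16,1\r\n", "10.0.0.5", "192.0.2.1", 20000))
```

The second element of the result is the endpoint the relay connects to on the client side; the first is what it sends to the remote server in place of the client's line.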
-
-