From owner-freebsd-questions Fri Mar 28 10:36:59 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id KAA25695 for questions-outgoing; Fri, 28 Mar 1997 10:36:59 -0800 (PST) Received: from mixcom.mixcom.com (mixcom.mixcom.com [198.137.186.100]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id KAA25680 for ; Fri, 28 Mar 1997 10:36:49 -0800 (PST) Received: by mixcom.mixcom.com (8.6.12/2.2) id MAA28466; Fri, 28 Mar 1997 12:29:13 -0600 Received: from p75.mixcom.com(198.137.186.25) by mixcom.mixcom.com via smap (V1.3) id sma028449; Fri Mar 28 18:28:58 1997 Message-Id: <3.0.32.19970328122101.00c22d60@mixcom.com> X-Sender: sysop@mixcom.com X-Mailer: Windows Eudora Pro Version 3.0 (32) Date: Fri, 28 Mar 1997 12:21:01 -0600 To: Nadav Eiron From: "Jeffrey J. Mountin" Subject: Re: [Q] newsproxy for fetching news behind firewall Cc: Darius Moos , questions@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk At 11:06 AM 3/28/97 +0300, Nadav Eiron wrote: >On Thu, 27 Mar 1997, Darius Moos wrote: >> does anybody know of an application that works as a newsproxy on the >> nntp-port. I need this for reading news behind a firewall (no local >> newsserver). >> >> Thanks in advance. >> >> Darius Moos >> >I don't have a specific news proxy, but plug-gw from the TIS fwtk >(which I believe is available in the ports) can do that. Simply "plug" a >port on the inside of your firewall to the nntp port on your news server. We use only smap, customized at that, but have to wonder if it is a long running daemon or under inetd. This should not be all that relevant, as he is beind the firewall, but something to be noted for the performance hit. This should be handled at the firewall, either finding out the port that NNTP (119) translates to, or somehow allowing it. I'll be the last is not an option if this is an office environment and I'll bet that plug-gw will not help. 'Fraid to say I usually deal with poorly done firewalls from the outside and don't care to compromize my systems for someone elses botched job. Commonly I've seen udp port 53 blocked, so inverse fails and people beind the firewall cannot pop, telnet, or ftp. Security can indeed be too good. 8-) ------------------------------------------- Jeff Mountin - System/Network Administrator jeff@mixcom.net MIX Communications Serving the Internet since 1990