Wednesday, June 29, 2005

CVS access from behind the Proxy/Firewall

Normally, in educational institutions, every computer is behind a firewall/proxy. A proxy is usually configured to access the Web (Webserver Port: 80). ie the destination port is 80.
So it wont allow any other connections like cvs, ftp, irc etc. Inorder to configure the proxy, u need to configure the proxy/firewall to allow connections to CVS Server (Port: 2401) and IRC server (Port: 6667, think so) and so on. Firewall configuration is done using the command IPTABLES. So to configure the firewall/proxy, just ask the network administrator to add the following lines to the Firewall script.
iptables -A FORWARD -s IP_ADDR -p tcp --dport DEST_PORT -j ACCEPT

Eg:
iptables -A FORWARD -s 192.168.1.55 -p tcp --dport 2401 -j ACCEPT

This command will now allow CVS access to the computer with IP address 192.168.1.55

Similarly, you can change the Port number and IPaddress as per your requirements.

You might sometime get the error "Unknown Host". The problem is that, you have to configure the setting for DNS server properly or try to include the ipaddress of the host in the /etc/hosts file.

Note: Please ask your network administrator to do the following changes and only he can do the above changes.

1 comment:

Unknown said...

are network admins so stupid to let users have the firewall breach? well then there is no need of firewall :))