Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: database in firewall

Re: database in firewall

From: Gerry Sinkiewicz <sinkiege_at_snet.net>
Date: Thu, 23 Sep 2004 00:54:27 GMT
Message-ID: <79p4d.22613$ZC7.17697@newssvr19.news.prodigy.com> 





See Oracle metalink note: 125021.1



There are differences among OS's so perhaps everyone is correct?



It also provides a solution to the original problem (CMAN), which can be
used like an oracle only firewall (cf. oracle classes I took a few years
ago).




"FM" <fabrizio.magni_at_mycontinent.com> wrote in message
news:414D80DD.60300_at_mycontinent.com...


>

>

> Sybrand Bakker wrote:

> > On Sun, 19 Sep 2004 09:13:27 +0200, Eberhard Niendorf

> > <eberhard.niendorf_at_epost.de> wrote:

> >

> >

> >>Port redirection takes place not at all, it depends on the platform. On

Unix


> >>it takes place only for shared server (MTS) or access per SSL. If the

> >>server runs on a Unix platform and no MTS, no SSL, then there are no

port


> >>redirection and the firewall have to pass only the configured

destination


> >>port

> >

> >

> > Not true. Port redirection always takes place, independent of

> > platform, whether using MTS or not using MTS.

> >

>

>

> *Not true*

>

> On unix system the socket is always opened on the listening port.

> Only windows systems need use_shared_sockets.

>

> Here are an example of two systems of mine: one aix, the other linux.

>

> Only the client side use different ports. This is right because every

> TCP connection is recognizide by: server-ip:port, client-ip:port.

> No two connections can have all four values identical.

>

> hrdb_at_root / =>netstat -a -n

> Active Internet connections (including servers)

> Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)

> tcp4       0     48  192.168.25.200.22      192.168.2.26.1025

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.204.52504

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.204.52495

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.204.52490

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.204.52489

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.204.52488

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.204.52487

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.204.52486

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.204.52485

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.204.52484

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.204.52483

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.204.52482

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.204.52481

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.201.43712

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.201.43710

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.201.43709

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.201.43708

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.201.43707

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.25.201.43706

> ESTABLISHED


> tcp4       0      0  192.168.25.200.1521    192.168.24.30.4808

> ESTABLISHED


> <cut>

>

> oracle_at_brealmdbls01:~ > netstat -an

> Active Internet connections (servers and established)

> Proto Recv-Q Send-Q Local Address           Foreign Address

>

> tcp        0      0 192.168.25.44:1521      192.168.25.44:32787

> ESTABLISHED


> tcp        0      0 192.168.25.44:1521      192.168.9.32:4145

> ESTABLISHED


> tcp        0      0 192.168.25.44:1521      192.168.25.44:38461

> ESTABLISHED


> tcp        0      0 192.168.25.44:1521      192.168.9.40:2896

> ESTABLISHED


> tcp        0      0 192.168.25.44:1521      192.168.25.44:38467

> ESTABLISHED


> tcp        0      0 192.168.25.44:1521      192.168.9.32:4172

> ESTABLISHED


> tcp      125      0 192.168.25.44:2301      192.168.91.84:2669

> CLOSE_WAIT


> tcp        0      0 192.168.25.44:38467     192.168.25.44:1521

> ESTABLISHED


> tcp        0      0 192.168.25.44:38461     192.168.25.44:1521

> ESTABLISHED


> tcp      143      0 192.168.25.44:2301      192.168.91.84:2396

> CLOSE_WAIT


> tcp        0      0 192.168.25.44:32787     192.168.25.44:1521

> ESTABLISHED


> tcp      125      0 192.168.25.44:2301      192.168.91.84:2998

> CLOSE_WAIT


> tcp        0      0 192.168.25.44:1521      192.168.9.40:3227

> ESTABLISHED


> tcp        0      0 192.168.25.44:1521      192.168.9.40:3231

> ESTABLISHED


> tcp        0      0 192.168.25.44:1521      192.168.9.40:2719

> ESTABLISHED


> tcp        0      0 192.168.25.44:1521      192.168.9.40:3456

> ESTABLISHED


> tcp        0      0 192.168.25.44:1521      192.168.9.40:3459

> ESTABLISHED


> tcp       87      0 192.168.25.44:2381      192.168.91.84:3247

> CLOSE_WAIT


> tcp        0      0 192.168.25.44:1521      192.168.9.40:3470

> ESTABLISHED


> tcp        0      0 192.168.25.44:1521      192.168.9.64:2270

> ESTABLISHED


> tcp        0      0 192.168.25.44:1521      192.168.9.64:2251

> ESTABLISHED


> tcp        0      0 192.168.25.44:1521      192.168.9.64:2250

> ESTABLISHED


> tcp        0      0 192.168.25.44:1521      192.168.9.64:2254

> ESTABLISHED


> tcp        0      0 192.168.25.44:1521      192.168.9.29:2348

> ESTABLISHED


>

> -- 

>

> Fabrizio Magni

>

> fabrizio.magni_at_mycontinent.com

>

> replace mycontinent with europe

Received on Wed Sep 22 2004 - 19:54:27 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US