connection
Click on the red underlined text to get to the source
... firewall. An initiating machine inside
the firewall makes a connection to the proxy, then ask that proxy to
...
... proxy, then ask that proxy to
make a connection to an endpoint outside the firewall. Once this
...
... endpoint outside the firewall. Once this
connection is established, the proxy tells the outside endpoint that
...
...
Another use for this profile is to limit connections to outside
servers based on the user identity negotiated via SASL ...
... next proxy being requested, it can refuse to tunnel connections if
inadequate levels of authorization have been established. It is also
...
... possible to use the TUNNEL profile to anonymize the true source of a
BEEP connection, in much the way a NAT translates IP addresses.
...
... operation and use of this profile. In these examples, the machine
attempting to establish the connection is named "initial", while the
intermediate proxies are "proxy1" or "proxy2", and the machine with
...
...
A simple one-hop connection through a single proxy is illustrated
first.
...
... proxy1 starts passing octets transparently. It continues to do
so until either transport connection is closed, after which it
closes the other.
...
... IPv4 address.
An "ip6" attribute is interpreted as a text representation of an IPv6
address. In each of these cases, a transport connection is
established to the so-identified server. If the outermost element
...
... that lookup fails and a "port" attribute is present, the connection
is attempted as if the "srv" attribute were not specified.
...
... BEEP"
example above.) In this case, as soon as the final underlying
transport connection is established, an "ok" element is returned over
the listening session ...
... element, the proxy begins copying octets directly and without
any interpretation between the two underlying transport connections.
If the identified server cannot be contacted, an "error" element ...
... element is
returned over the listening channel and any connection established as
an initiator is closed. If there is a nested "tunnel ...
... BEEP greeting offered does not include the TUNNEL profile, then
this too is treated as an error: the initiating transport connection
is closed, and an error is returned.
...
... element, it closes the initiated session and its
underlying transport connection. It then passes the "error" element
unchanged back on the listening session ...
... proxy begins copying octets
directly and without any interpretation between the two underlying
transport connections.
...
... transport
layers.
In a mapping where multiple underlying transport connections are
used, once the "ok" element is passed, all channels ...
... channels are closed,
including channel zero. Thus, only the underlying transport
connection initially established remains, and all other underlying
transport connections for the session ...
... channel zero. Thus, only the underlying transport
connection initially established remains, and all other underlying
transport connections for the session should be closed as well.
...
... 450 Requested action not taken
(E.g., DNS lookup failed or connection could not
be established. See too 550.)
...
... port" and "srv" attributes) can route a
connection to the firewall proxy, with an innermost "profile ...
... profile" or "endpoint"
connections, always refusing to even attempt source-routed
connections. This latter attack ...
... connections, always refusing to even attempt source-routed
connections. This latter attack can also be thwarted by requiring
a SASL ...