[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV Lynx through firewall
|
From: |
David Woolley |
|
Subject: |
Re: LYNX-DEV Lynx through firewall |
|
Date: |
Fri, 12 Sep 1997 07:46:22 +0100 (BST) |
Vijay wrote:
>
> I wanted to know if "lynx" is capable of running via a firewall.
> Thank you very much for your help.
What mechanism does your firewall provide for tunnelling HTTP?
Chances are that, if you are on a Sun and successfully using a Netscape
browser (I had to look at the mail headers), the other reply, giving
instructions for using a CERN style proxy is correct. However, Lynx
can be built to use SOCKS, which is a different mechanism. It is also
possible to use address masquerading or simple packet filters, which
should work for absolutely any HTTP client. Lynx can also be built to
do passive FTP connections, allowing it to work with the sort of firewall
that only allows outgoing connections, when accessing FTP: URLs.
Out of the box a firewall should not support any HTTP client.
The simple answer was "yes" as it works for some (actually most) firewall
configurations which permit outgoing HTTP. However there is an implied
question about compatibility with your site's firewall, which we can't
answer without knowing the nature of that firewall, and the local policies.
(In the office we use a Linux system with IP masquerading support as the
firewall. It runs the CERN proxy. However it will only accept HTTP GET and
POST methods from one machine, which runs a caching server. It will accept
HTTP CONNECT from any internal machine. The cache will only accept requests
for external sites from the machines of managers, or those with a need to
make such accesses. (The only reason we don't restrict CONNECT is that,
there is deliberately no remote management for the firewall and recreational
abuse of HTTPS without HTTP is reckoned a low risk.) For most people FTP
must be done by proxying it with HTTP, but a few people with a need to
upload to FTP sites are permitted to masquerade a connection at the IP
level, rather than the application relay used for HTTP.)
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;