Guy D'haenens
2004-03-30 14:35:55 UTC
Hi,
I created an application where multiple clients can rmi-connect to a server
using queues and xml-messages (asynchronous). The server passes the requests
one after another to another server and waits for the answer (synchronous).
It then passes the responses back to the client. Nothing fancy.
Problem now is that if the client is behind a firewall, the response from
the server is never received for the following reason:
client A sends a request to server B. The clients firewall changes the
ip-address of A to A'. B acknowledges A in a NEW connection using A'
ip-address which of course is not allowed (=hacker-attack).
My question is: why does B create a new connection and doesn't it use the
existing one (A to B). Using the existing one would be accepted by the
firewall.
Is this by design or am I missing something here?
Cheers,
Guy
I created an application where multiple clients can rmi-connect to a server
using queues and xml-messages (asynchronous). The server passes the requests
one after another to another server and waits for the answer (synchronous).
It then passes the responses back to the client. Nothing fancy.
Problem now is that if the client is behind a firewall, the response from
the server is never received for the following reason:
client A sends a request to server B. The clients firewall changes the
ip-address of A to A'. B acknowledges A in a NEW connection using A'
ip-address which of course is not allowed (=hacker-attack).
My question is: why does B create a new connection and doesn't it use the
existing one (A to B). Using the existing one would be accepted by the
firewall.
Is this by design or am I missing something here?
Cheers,
Guy