Re: [cobalt-users] Help?
>From: "H.P. Stroebel" <hpstr@xxxxxxxxxxxxx>
>if you want to affect ALL services, in my opinion the most simple way is
>rejecting it using the kernel's routing table. so arriving packets from
>that ip are just "thrown away". i don't know if this is possible using
>hostnames, though. that would be a firewalling job.
Routing is a separate level of the TCP/IP protocol stack from name
resolution for a very good reason.
Generic TCP connection requests do not carry the remote (or local) host
name. (Hence the problem with multiple virtual SSL hosts on the same IP
address.)
You could design a tool to reject TCP connections by hostname, but then it
would have to wait for a reverse DNS lookup on every connection from a new
client and that result would give only one of possibly many virtual host
names for a given address.
-HJC
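
A sketch of the hostname-based connection filter described in the reply above, as an added example that is not part of the original thread. `HostnameFilter`, `SAMPLE_PTR` and all addresses and names are constructed for illustration; the resolver is injectable so the demo runs offline, and it assumes `badsite.example` is a virtual host served from 192.0.2.10.

```python
import socket

# Constructed sample PTR data (RFC 5737 documentation addresses).
# 192.0.2.10 hosts several virtual hosts, but its PTR names only one of them.
SAMPLE_PTR = {
    "192.0.2.10": "web1.hosting.example",
    "198.51.100.7": "spammer.example",
}

def system_reverse_lookup(ip):
    """Real reverse DNS lookup; blocks until the resolver answers or fails."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None

class HostnameFilter:
    """Accept/reject decision keyed on the peer's reverse DNS name."""

    def __init__(self, blocked_names, reverse_lookup=system_reverse_lookup):
        self.blocked = {n.lower().rstrip(".") for n in blocked_names}
        self.reverse_lookup = reverse_lookup
        self.cache = {}    # ip -> normalized PTR name, or None if no PTR
        self.lookups = 0   # each one is a wait before the first accept

    def allow(self, ip):
        if ip not in self.cache:
            # The TCP SYN carries only addresses, so every new client
            # costs one reverse lookup before a decision can be made.
            self.lookups += 1
            name = self.reverse_lookup(ip)
            self.cache[ip] = name.lower().rstrip(".") if name else None
        # Only the single PTR name is visible; other virtual host names
        # on the same address never appear here. No PTR means allow.
        return self.cache[ip] not in self.blocked

def demo():
    f = HostnameFilter({"spammer.example", "badsite.example"}, SAMPLE_PTR.get)
    peers = ["198.51.100.7", "192.0.2.10", "192.0.2.10", "203.0.113.5"]
    return [f.allow(ip) for ip in peers], f.lookups

if __name__ == "__main__":
    print(demo())
```

The blocked name `badsite.example` is never matched because the PTR for its address returns `web1.hosting.example`, which is the limitation the reply points out.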