[UPHPU] Bi-directional Communication Through a Firewall

Kirk Ouimet kirk at kirkouimet.com
Wed Jun 10 14:30:09 MDT 2009 

I'll be running a Java application on thousands of machines, which machines I 
am assuming will be sitting behind a firewall. I need my web server to push 
commands to this application at will. I don't want to the machine to 
periodically heartbeat to get tasks.

When the application starts up, I want it to initiate a connection to my web 
server. From my current understanding, the router will automatically use port 
address translation to understand which machine behind the firewall the 
original message came from. The router will send a message to the web server 
with the request and a randomly generated port for the server to respond back 
on. The server will then send a response back on that random port, the router 
will receive the response, know which machine is tied to the request (using 
the random port as the key), and then forward to response to that particular 
machine.

I want to do some fancy magic with this whole process, where my web server 
will actually record the port that the original request came through on and 
then use that port to send data back as needed. Essentially I want to open up 
persistent HTTP connection in order to circumvent any firewall that may be in 
place.

Is this even possible? =]

Kirk Ouimet
kirk at kirkouimet.com
Cell: (801) 310-1421


-----Original Message-----
From: uphpu-bounces at uphpu.org [mailto:uphpu-bounces at uphpu.org] On Behalf Of 
Kyle Waters
Sent: Wednesday, June 10, 2009 2:19 PM
Cc: 'uphpu'
Subject: Re: [UPHPU] Bi-directional Communication Through a Firewall

Kirk Ouimet wrote:
> Thanks for the response - unfortunately I won't have access to configure the
> firewall so I'm looking for a workaround. Something like HTTP tunneling...
>


Let me make sure I understand what you are trying to do.  You want to
set up a web server, running a webapp inside of a network with a router
that you don't control, and can't get changed?


I'm not sure you understand the issue fully yet.  In order for someone
to connect to a web server there must be an unfirewalled public ip for
them to connect to.  So even if you use "HTTP tunneling" you still need
a server on the out side to connect to.  If you have a server on the out
side why not just put the app there?

You may want to look into westhost($5/month), xmission($10/month), or
linode($20/month).  See which one best fits your needs and do that.  Or
if you are really nice one of us my give you an account you can play
around on ;)

Kyle

_______________________________________________

UPHPU mailing list
UPHPU at uphpu.org
http://uphpu.org/mailman/listinfo/uphpu
IRC: #uphpu on irc.freenode.net

More information about the UPHPU mailing list