Subject: Re: rsh, rlogin, and rexec out of a IPNAT Network
To: <>
From: David Laight <david@l8s.co.uk>
List: netbsd-users
Date: 07/07/2002 18:50:41
On Sun, Jul 07, 2002 at 08:01:59AM -0700, Gerald C. Simmons wrote:
> I'm trying to figure out how to configure a NetBSD machine connected on
> the WAN side an IP NAT router, to let me rexec and rlogin to it. I want to use
> a couple Windows machines with an X server running on them to communicate with
> the NetBSD box, but I can't seem to get past the authentication problems.
> 
> I have a feeling that stock NetBSD-1.5.X blocks requests from NAT'd IP address.
> 
> Is there a way to do this?

Your problem may be the way that rsh works.
After the initial connection to the server, the server binds to another
port and passes that port number back to the client, which then connects
again.  Finally closing the original connection.

This means it is (probably) difficult to use rsh to connect into
a NAT network, also your filter/firewall rules may prohibit the
second connection.

My guess is that the protocol was written for a system where children
didn't inherit transport connections.


	David

-- 
David Laight: david@l8s.co.uk