Rails - Mar 2013 - Methods to access device IP inside a firewall through production ROR app

I have a ROR application that needs to access a device with it''s own IP
within my firewall. Within the network, the device IP is accessible through 
Ruby scripts utilizing TCP/IP protocol. I need a list of possible methods 
and implementations ( NOT PORT FORWARDING ) to spin a server behind this 
firewall to serve up data to the ROR application when it is on a production 
server. Anyone with any ideas please let me know.

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To view this discussion on the web visit
https://groups.google.com/d/msg/rubyonrails-talk/-/k8vjqmDcBYYJ.
For more options, visit https://groups.google.com/groups/opt_out.

Gregory Perrin wrote in post #1102504:
> I have a ROR application that needs to access a device with it''s
own IP
> within my firewall. Within the network, the device IP is accessible
> through
> Ruby scripts utilizing TCP/IP protocol. I need a list of possible
> methods
> and implementations ( NOT PORT FORWARDING ) to spin a server behind this
> firewall to serve up data to the ROR application when it is on a
> production
> server. Anyone with any ideas please let me know.
I hope the answer to this question is that there are absolutely NO 
methods or implementations to solve this "problem." This is the whole 
point to a firewall! If you could gain access to the machines behind a 
firewall then there''s absolutely no point whatsoever in having a 
firewall in the first place.

There''s a name for applications that do exactly this. They''re
called
malware!

-- 
Posted via http://www.ruby-forum.com/.

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit https://groups.google.com/groups/opt_out.

On Fri, Mar 22, 2013 at 7:27 AM, Robert Walker
<lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote:
> I hope the answer to this question is that there are absolutely NO
> methods or implementations to solve this "problem." This is the
whole
> point to a firewall! If you could gain access to the machines behind a
> firewall then there''s absolutely no point whatsoever in having a
> firewall in the first place.
Sorry, that''s wildly overstated. Many firewalls exist for the purpose
of *limiting*, not *preventing* traffic between systems, .e.g. creating
a DMZ for a corporate web or mail server (or server farm).

It would be possible to allow a tightly constrained inbound access,
but if the firewall owner is like most corporate IT types, getting that
approved would admittedly be tough.

So an alternate (very general) answer to the OP''s problem would be
to proxy the device data out to the web server.

-- 
Hassan Schroeder ------------------------
hassan.schroeder-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
http://about.me/hassanschroeder
twitter: @hassan

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit https://groups.google.com/groups/opt_out.

On Mar 22, 2013, at 11:17 AM, Hassan Schroeder wrote:
> Sorry, that''s wildly overstated. Many firewalls exist for the
purpose
> of *limiting*, not *preventing* traffic between systems, .e.g. creating
> a DMZ for a corporate web or mail server (or server farm).
> 
> It would be possible to allow a tightly constrained inbound access,
> but if the firewall owner is like most corporate IT types, getting that
> approved would admittedly be tough.
The original question specified: ip address on the internal network, and no port
forwarding--calling *that* impossible is not overstating anything ;-)

-- 
Scott Ribe
scott_ribe-ZCQMRMivIIdUL8GK/JU1Wg@public.gmane.org
http://www.elevated-dev.com/
(303) 722-0567 voice




-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit https://groups.google.com/groups/opt_out.

On Fri, Mar 22, 2013 at 12:54 PM, Scott Ribe
<scott_ribe-ZCQMRMivIIdUL8GK/JU1Wg@public.gmane.org> wrote:
> The original question specified: ip address on the internal network, and no
port forwarding--calling *that* impossible is not overstating anything ;-)
Well, I''d suggest that a smart proxy/relay would not be considered
"port forwarding" (and fit the bill), but it''s obviously
easier and more
secure to just push the data out from inside.

-- 
Hassan Schroeder ------------------------
hassan.schroeder-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
http://about.me/hassanschroeder
twitter: @hassan

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit https://groups.google.com/groups/opt_out.