
Re: TAL-IPC protocol with pf



Daniel Polak wrote:

> Brandon,
>
> The fact that ports are mentioned at all is a STRONG pointer that the 
> protocol being used is TCP or UDP. Also telnet (see your link at 
> http://www.mastertrader.com/education/firewalls.asp) is for TCP 
> connections.
> So don't worry, the protocol is TCP indeed.
>
> Like Jason says, check what traffic is coming in to your firewall, 
> check what is going out and check what is being blocked (and hopefully 
> logged).
>
> Good luck!
>
> Daniel
>
> ==== Original message from Brandon Mercer at 1-9-2004 17:11
>
>> jason@dixongroup.net wrote:
>>
>>>> Hello Group,
>>>> Boy have I got one for you!  So my broker dealer upgrades his software
>>>> that he uses to get pricing and he can't get any information.  I'm on
>>>> the phone with their tech support and she says that I need to allow port
>>>> 1838 outbound on my firewall.  Fair enough, I try that and things still
>>>> don't work.  So I verify with the tech support rep that it runs over
>>>> tcp... **BIG PAUSE** she replies, well actually it works over TAL-IPC
>>>> which is a proprietary protocol that we've developed.  Oh... ok... so
>>>> tcp wasn't good enough for you?  Anyway, the problem as it stands is
>>>> that I still need to make this work.  I'm running OpenBSD 3.5 and here
>>>> is a snippet of my ruleset.
>>>>   
>>>
>>>
>>>
>>> I seriously doubt that they've rewritten their own transport-layer
>>> protocol.  I imagine it's just another application-layer protocol on top
>>> of TCP.  What type of traffic capture have you performed?  What _really_
>>> leads you to believe that a broken application upgrade has anything to do
>>> with the firewall?
>>>  
>>>
>> That was my first impression too.... but in all seriousness it checks 
>> out.  :-(  Here's a link to provide some humor 
>> http://www.mastertrader.com/education/firewalls.asp. Brandon
>
>
Well, I've been able to watch the traffic pass to and fro between this 
workstation and the internet and vice versa.  So we know it's *probably* 
not on the Firewall anymore.  I'm hoping that I can get it figured out.  
Thanks all for the input; you've helped me put together a very solid 
picture of what's going on. 
Brandon