Firewall Issue - Firewalls


Thread: Firewall Issue

  1. Firewall Issue

    Hi Folks,

    I'm new to the group, so kindly forgive me if my question is not
    appropriate in any way.

    We have a situation where we have a Server application that is
    listening on a port on which client applications connect.
    Server and clients are on separate networks.
    Server application network is using a firewall device as an interface
    for client connections.

    The firewall device is configured in such a way that it periodically
    performs a poll operation on the ports where the Server is listening
    for client connections, just to check that the Server application is
    alive and well.
    The Server application is written in such a way that it treats all the
    connections on this port as connect requests and proceeds to handle
    them accordingly.
    This leads to some errors in the application logs while handling
    such requests, i.e. the poll operation from the firewall, since the
    application doesn't distinguish client connect requests from the
    firewall poll operation, thereby generating the following error messages:

    GetCompletionStatus failed - "The specified
    network name is no longer available.

    My question is-

    Is there a workaround on the firewall side to fix this kind of
    behaviour by changing some kind of configuration. The poll request is
    a valid requirement and can't be done away with.
    Or is it that I need to handle this situation in the Server
    application itself i.e. to distinguish between normal client connect
    requests and the firewall poll operation.

    I'll highly appreciate your insights.

    Thanks.
    Ankur.

  2. Re: Firewall Issue

    Ankur wrote:
    > We have a situation where we have a Server application that is
    > listening on a port on which client applications connect.
    > Server and clients are on separate networks.
    > Server application network is using a firewall device as an interface
    > for client connections.
    >
    > The firewall device is configured in such a way that it periodically
    > performs a poll operation on the ports where the Server is listening
    > for client connections, just to check that the Server application is
    > alive and well.
    > The Server application is written in such a way that it treats all the
    > connections on this port as connect requests and proceeds to handle
    > them accordingly.
    > This leads to some errors in the application logs while handling
    > such requests, i.e. the poll operation from the firewall, since the
    > application doesn't distinguish client connect requests from the
    > firewall poll operation, thereby generating the following error messages:
    >
    > GetCompletionStatus failed - "The specified
    > network name is no longer available.
    >
    > My question is-
    >
    > Is there a workaround on the firewall side to fix this kind of
    > behaviour by changing some kind of configuration. The poll request is
    > a valid requirement and can't be done away with.
    > Or is it that I need to handle this situation in the Server
    > application itself i.e. to distinguish between normal client connect
    > requests and the firewall poll operation.


    Well, if you have a way to perform some kind of "nop" (no operation)
    request on the server application and also are able to update the check
    on your firewall appliance accordingly, then you can get around this
    error. Otherwise it can only be fixed in the server application AFAICS.

    cu
    59cobalt
    --
    "If a software developer ever believes a rootkit is a necessary part of
    their architecture they should go back and re-architect their solution."
    --Mark Russinovich
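
Added example, not part of the thread or either poster's code: one way to do the server-side handling the reply points to, sketched in Python rather than the application's own language. It assumes the firewall poll is a bare TCP connect that closes or resets without sending data; `classify_connection`, `NOP_REQUEST` and `NOP_REPLY` are hypothetical names, and the sample connections are constructed with `socket.socketpair()`.

```python
import logging
import socket

log = logging.getLogger("server")

NOP_REQUEST = b"NOP\n"    # hypothetical no-op request a firewall check could send
NOP_REPLY = b"OK\n"       # hypothetical reply to the no-op
FIRST_READ_TIMEOUT = 5.0  # seconds to wait for the first bytes of a request


def classify_connection(conn: socket.socket) -> str:
    """Read the first bytes of a new connection; return 'probe', 'idle', 'nop' or 'client'."""
    conn.settimeout(FIRST_READ_TIMEOUT)
    try:
        first = conn.recv(4096)
    except ConnectionResetError:
        first = b""  # peer aborted before sending anything
    except socket.timeout:
        log.warning("no request within %.0fs; closing idle connection", FIRST_READ_TIMEOUT)
        conn.close()
        return "idle"
    if not first:
        # Connect-then-close with zero bytes: a liveness poll, not a failed client.
        # Log at debug level so it does not show up as an application error.
        log.debug("peer closed before sending a request; treated as health poll")
        conn.close()
        return "probe"
    if first == NOP_REQUEST:
        # Explicit no-op: answer and close, skipping normal request handling.
        # (A production reader would buffer until the newline; one recv is enough here.)
        conn.sendall(NOP_REPLY)
        conn.close()
        return "nop"
    log.info("client request received (%d bytes)", len(first))
    return "client"  # caller carries on with normal request processing


if __name__ == "__main__":
    logging.basicConfig(level=logging.DEBUG)
    # Constructed sample connections: None = peer closes without sending.
    for payload in (None, NOP_REQUEST, b"HELLO client-1\n"):
        server_side, peer = socket.socketpair()
        if payload is not None:
            peer.sendall(payload)
        else:
            peer.close()
        print(repr(payload), "->", classify_connection(server_side))
```

Logging polls at debug level keeps them auditable without burying genuine client failures in the error log.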
