firewall

问题 I have a mongoDB replica set in azure I have: server1 Primary server2 secondary server3 Arbiter I have a dev environment on my local machine that I want to point to this mongoDB instance What do I open on my Azure Firewall to make sure this configuration is setup with best practices. Do I create a load balanced endpoint to the Primary and Secondary or do I create a single endpoint to the arbiter, or perhaps even something else? thanks! 回答1: MongoDB will not play well with a load-balanced

问题 I developed a WCF service and i have published it with IIS. All goes well inside the local network but when the service is accessed by an external client from the internet, redirected by a firewall, the service generates a local wsdl uri that cannot be solve by the client. Something like this: URI needed : http:// external_url /service.svc?wsdl URI created : http:// internal_url /service.svc?wsdl I would like to continue using the automatic generation of the wsdl file without indicating an

问题 I am trying to restrict my outbound access for my VPC. I would like to restrict the outbound access to certain URL but the security group only let you set IPs and no URL. Is there any way to restrict outbound access by URL instead of IPs? 回答1: The firewall does not resolve URLs. That would require a higher order firewall that is aware of the HTTP protocol contents. More Info on the OSI Model: http://en.wikipedia.org/wiki/OSI_model The closest you will get with the network ACL's in VPC, is to

问题 I am trying to restrict my outbound access for my VPC. I would like to restrict the outbound access to certain URL but the security group only let you set IPs and no URL. Is there any way to restrict outbound access by URL instead of IPs? 回答1: The firewall does not resolve URLs. That would require a higher order firewall that is aware of the HTTP protocol contents. More Info on the OSI Model: http://en.wikipedia.org/wiki/OSI_model The closest you will get with the network ACL's in VPC, is to

问题 I have a Web role on Azure. I would like to allow only my people to access the web role. I have found post to manual/code to restrict IPs to access the role. I would like to create firewall way(something like SQL Azure's firewall) to block/allow IPs. I could not find any setting in Azure console. please help. 回答1: If you publish your endpoint on the Internet through the Windows Azure load balancer, there is no option in place to define firewall rules on Azure. But you can secure access to VMs

问题 CONTEXT: I wanted to have a shell script that would block all Inbound/Outbound traffic to my computer, UNLESS I decide I want to use the browser or some other application, in which case I would summon it and only those applications would run. I have researched previous scripts made by smart individuals (links to sources at the end), as well as invested the time to learn to use iptables myself (still working on this front). Here is the result of the work done: RESULTS: before the shell script

问题 JMX enabled Java application appears to open a random high order port when JMX client connects I have successfully configured a helloworld JMX enabled program, and I can connect to it using jconsole JMX client from a remote location. When I attempt to turn on iptables I noticed that a random high order port is established when a client logs in. Eventually I would like to monitor Java applications in firewall segregated network segments. Can we control the range the random port opens in? I'll

问题 OSX El Capitan version 10.11.4 I am building an application in Xcode and signing it with an official developer cert. I then package this into a DMG which I am also signing. My application listens for TCP connections on a specific port (7772 in this case). I verified the signature: $ codesign -dvvvv /Applications/Foo.app/ Executable=/Applications/Foo.app/Contents/MacOS/Foo Identifier=com.foo.bar.Foo Format=app bundle with Mach-O thin (x86_64) CodeDirectory v=20200 size=69949 flags=0x0(none)

问题 I want create firewall app for Android that when an app wants to connect to internet shows app's name and let the user block it for permanent or block it temporarily or allow it and when that app wants to receive data from network shows app name and user can allow or deny it. I viewed this question: create firewall, but it doesn't cover my needs. Any suggestion to detect which apps have access to network and / or receive data from it? Thanks! 回答1: This is quite possible, and has been done

问题 Can anyone confirm that using a persistent outgoing TCP connection on port 80 will not be blocked by the vast majority of consumer firewalls? That has been assumption based on the fact that HTTP runs over TCP, but of course it is theoretically possible to analyze the packets. Question is do most CONSUMER firewalls do this or not? 回答1: The feature is called ALG, Application Layer Gateway. This is where the firewall is aware of and perhaps even participates in an application protocol There are