[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

B. Dealing with Firewalls

By default, Emacs can support standard TCP/IP network connections on almost all the platforms it runs on (Unix, VMS, Windows, etc). However, there are several situations where it is not sufficient.

Firewalls
It is becoming more and more common to be behind a firewall or some other system that restricts your outbound network activity, especially if you are like me and away from the wonderful world of academia. Emacs/W3 has several different methods to get around firewalls (not to worry though -- none of them should get you in trouble with the local MIS department.)

Emacs cannot resolve hostnames.
This happens quite often on SunOS workstations and some ULTRIX machines. Some C libraries do not include the hostname resolver routines in their static libraries. If Emacs was linked statically, and was not linked with the resolver libraries, it wil not be able to get to any machines off the local network. This is characterized by being able to reach someplace with a raw ip number, but not its hostname (http://129.79.254.191/ works, but http://www.cs.indiana.edu/ doesn't).

The best solution for this problem is to recompile Emacs, making sure to either link dynamically (if available on your operating system), or include the `-lresolv'.

If you do not have the disk space or the appropriate permissions to recompile Emacs, another alternative is using the `nslookup' program to do hostname resolution. To turn this on, set the variable url-gateway-broken-resolution in your `~/.emacs' file. This runs the program specified by url-gateway-nslookup-program (by default "nslookup" to do hostname resolution. This program should expect a single argument on the command line -- the hostname to resolve, and should produce output similar to the standard Unix `nslookup' program:

 
Name: www.cs.indiana.ed
Address: 129.79.254.191

Using TERM (or TERM-like) Networking Software
TERM (3) for slip-like access to the internet.

NOTE: XEmacs and Emacs 19.22 or later have patches to enable native TERM networking. To enable it, #define TERM in the appropriate s/*.h file for the operating system, then change the SYSTEM_LIBS definition to include the `termnet' library that comes with the latest versions of TERM.

If you run into any problems with the native TERM networking support in Emacs or XEmacs, please let wmperry+w3@cs.indiana.edu know, as he is responsible for the original support.

Emacs/W3 has support for using the gateway mechanism for certain domains, and directly connecting to others. The variable url-gateway-local-host-regexp controls this behaviour. This is a regular expression (4) that matches local hosts that do not require the use of a gateway. If nil, then all connections are made through the gateway.

Emacs/W3 supports several methods of getting around gateways. The variable url-gateway-method controls which of these methods is used. This variable can have several values (use these as symbol names, not strings), ie: `(setq url-gateway-method 'telnet)'. Possible values are:

telnet
Use this method if you must first telnet and log into a gateway host, and then run telnet from that host to connect to outside machines.

url-gateway-telnet-host
The gateway host to telnet to. Once logged in there, you then telnet out to the hosts you want to connect to.
url-gateway-telnet-parameters
This should be a list of parameters to pass to the `telnet' program.
url-gateway-telnet-password-prompt
This is a regular expression that matches the password prompt when logging in.
url-gateway-telnet-login-prompt
This is a regular expression that matches the username prompt when logging in.
url-gateway-telnet-user-name
The username to log in with.
url-gateway-telnet-password
This is the password to send when logging in.
url-gateway-prompt-pattern
This is a regular expression that matches the shell prompt.

rlogin
This method is identical to the telnet method, but uses `rlogin' to log into the remote machine without having to send the username and password over the wire every time.

url-gateway-rlogin-host
Host to `rlogin' to before telnetting out.
url-gateway-rlogin-parameters
Parametres to pass to `rsh'.
url-gateway-rlogin-user-name
User name to use when logging in to the gateway.
url-gateway-prompt-pattern
This is a regular expression that matches the shell prompt.

tcp
Masanobu UMEDA (umerin@mse.kyutech.ac.jp) has written a very small application that you can run in a subprocess to do the network connections.

SOCKS
Use if the firewall has a SOCKS gateway running on it. SOCKS v5 protocol is defined in RFC1928.

socks-password
If this is nil then you will be asked for the passward, otherwise it will be used as the password for authenticating you to the SOCKS server.

socks-username
This is the username to use when authenticating yourself to the SOCKS server. By default this is your login name

socks-timeout
This controls how long, in seconds, Emacs/W3 will wait for responses from the SOCKS server; it is 5 by default.

socks-server
Thiss the default server, it take the form (`"Default server"' server port version) where version can be either 4 or 5.

socks-server-aliases
This a list of server aliases. It is a list of aliases of the form (alias hostname port version).

socks-network-aliases
This a list of network aliases. Each entry in the list takes the form (alias (network)) where alias is a string that names the network. The networks can contain a pair (not a dotted pair) of IP addresses which specify a range of IP addresses, an IP address and a netmask, a domain name or a unique hostname or IP address.

socks-redirection-rules
This a list of redirection rules. Each rule take the form (Destination network Connection type) where Destination network is a network alias from socks-network-aliases and Connection type can be nil in which case a direct connection is used, or it can be an alias from socks-server-aliases in which case that server is used as a proxy.

socks-nslookup-program
This the `nslookup' program. It is `nslookup' by default.

native
This means that Emacs/W3 should use the builtin networking code of Emacs. This should be used only if there is no firewall, or the Emacs source has already been hacked to get around the firewall.

Emacs/W3 should now be able to get outside the local network. If none of this makes sense, its probably my fault. Please check with the network administrators to see if they have a program that does most of this already, since somebody somewhere at the company has probably been through something similar to this before, and would be much more helpful/knowledgeable about the local setup than I would be. But feel free to mail me as a last resort.


[ << ] [ >> ]           [Top] [Contents] [Index] [ ? ]

This document was generated by XEmacs Webmaster on October, 2 2007 using texi2html