AFP access and ports?

Similar Messages

• I have moved from a G5 Powermac to an Intel Mac Pro and am porting over Items from a Backup HDD. How can I access and use drawings and documents created on the PC computer on the Intel computer ?

  I have moved from a G5 Powermac to an Intel Mac Pro and selectively porting over items from a backup hard drive.
  How can I access and use documents and drawings created on the PC based computer ?

  Clarisworks, you need Appleworks, which will only work with Mac OS X10.6.8 or earlier.  See this tip if you must go newer.  Mac Pros with newer hardware configuration than July 20, 2011 can't use Mac OS X 10.6.8 or earlier without this tip and then it would be Mac OS X Server.  I'm not sure if the new black Mac Pro supports that configuration or not.
  iPhoto, there is an iPhoto for all versions of Mac OS X.
  iTunes, there is an iTunes for all versions of Mac OS X.  Note with iTunes versions 11 and later, which are needed for syncing with iOS 7 or or later, you will lose coverflow, if you liked that feature.  Sadly you can't run an older version of iTunes from within Mac OS X 10.9 or later.
  Sketchup: http://help.sketchup.com/en/article/60107 shows the versions that will work with intermediate Mac OS X versions, and this shows the latest version: http://help.sketchup.com/en/article/36208 be sure to click on the operating system you choose to use.
  GIF - Viewing GIFs Apple's Preview can do that.  Editing them, I like http://www.lemkesoft.com/ Graphicconverter.
  DMG is able to be opened by all versions of Mac OS X.  This are just "disk images" which store programs on a virtual disk that will open when double clicked.    Frequently you'll find the installer of the said program inside.  To find out if the program itself is compatible with 10.7 through 10.9, see http://www.roaringapps.com/
  Otherwise see the resources on:
  https://discussions.apple.com/docs/DOC-2455
  If you end up deciding to stick with Snow Leopard.

• Access "Host"  and port information

  Hi,
  Is there a way to access host name and port number (http://<servername>:<port>) programmatically.
  Regards,
  Naveen

  Hi Naveen,
  The portal sets a cookie on the user's desktop that includes a number that corresponds to the physical portal server that you're connected to and the portal server node. The name of this cookie is saplb_*. One way to examine the value of this cookie is to log into the portal and then type the following command in your address line:
  javascript:alert(document.cookie);
  This will cause a box to pop up containing a list of your cookies. The value of your saplb_* cookie will look something like this:
  saplb_*=(J2EE1233000)1233050;
  The number that you want is after the end parenthesis. In other words, you want 1233050. Now, navigate to:
  Java Developer -> Portal Archive Deployer & Remover
  Look in the 'Cluster Administration' area. This section contains Server ID, Server Name, Server Type, and Server IP. Look for your 1233050 number in the Server ID area, and then find that line's corresponding IP Address. You then do an NSLookup with that IP Address and there you will have your hostname.
  From what I understand, all of the data in that Cluster Administration page is static. In other words, it will not change. I have made a jsp to grab that cookie's value and then translate that into the hostname. I've hardcoded the data from the Cluster Administration page into my jsp. Also, this data did not change after we upgraded from EP6 to EP7.
  I hope this helps!
  -StephenS

• How to set up full access and limited access wireless networks to laptops

  Dear Apple,
  I just received my Apple 1 TB Time Capsule. Can someone please help me with a network configuration I want to set up?
  I have a cable modem, and, three computers: a G4 iMAC (system 10.5.5), an Apple MacBook (system 10.5.5), and, a PC laptop.
  The Time Capsule is connect directly to the cable modem.
  Regarding the computers:
  (1) I want the G4 iMAC to connect directly, via an Ethernet cable, to the Time Capsule, WITH FULL ALLOWED ACCESS to the Time Capsule and to the back-up function of the Time Machine feature, and, with allowed access to my HP inkjet printer (class 6110);
  (2) I also want the MacBook laptop to wirelessly link to the Time Capsule via the Airport utility on the laptop, and, WITH FULL ALLOWED ACCESS to the Time Capsule and to the back-up function of the Time Machine feature (using WPA/WPA2 security, and, without the network name visible to third parties), and, WITH allowed access to my HP inkjet printer (class 6110);
  (3) I want the PC laptop to wirelessly link to the Time Capsule (using WEP security), but WITHOUT ACCESS to the Time Machine, WITHOUT access to the back-ups on the iMAC, WITHOUT access to the back-ups on the MacBook, and, WITHOUT access to the inkjet printer --- I only want the PC to use the Time Capsule as a WIRELESS ROUTER so that the PC laptop can access the internet.
  (4) And, finally, I want to specify (Time-Capsule/Time-Machine/server ) access ONLY to the iMAC and the MacBook, so that others cannot gain any access.
  I specifically need help to set up and configure the Time Capsule so that the PC laptop, as stated above, should have limited access to the Time Capsule --- namely, only to access the internet, and, not even be aware of stored data on the Time Capsule, not even be aware of the inkjet printer, and, not even see my WPA network name when the PC scans for wireless devices.
  I also want the iMAC and the MacBook to have access to each other’s data stored on the Time Capsule (like a common server).
  I have an old D-Link DI-624 wireless router that I used before buying the Time Capsule, which is available, if needed. Hopefully, I can configure the Time Capsule so that I would not need the old D-Link.
  Thank you in advance,
  David.

  The basic method for remote access is not changed.
  http://gigaom.com/apple/access-your-time-capsule-over-the-internet/
  You have a few issues.
  The really big one.. the school firewall should not let you connect to home.
  Check the IT admin at your school but if they allow anything but a few protocols like http and https through, they are not doing their job. You cannot afford in a large network to have every Tom Dick and Harry access any open device.. that can introduce viruses and trojans into the network behind the firewall.
  The general method for remote access on large networks is vpn and the TC offers no vpn connection.. just AFP.
  If you intend using 3G wireless stick or the like then you can get access.
  The next issue is static public IP or how to find the TC.. you need some way to find the IP if your ISP does not offer static ip, and the tc has no dyndns client. Since Apple shut down new users for mobileme and will close that service there is no method to find the TC IP without owning your own domain. You would be better placing the TC in bridge behind a router that does offer dyndns and port forward AFP (TCP 548) to it.

• Howto: Zones in private subnets using ipfilter's NAT and Port forwarding

  This setup supports the following features:
  * Requires 1 Network interface total.
  * Supports 1 or more public ips.
  * Allows Zone to Zone private network traffic.
  * Allows internet access from the global zones.
  * Allows direct (via ipfilter) internet access to ports in non-global zones.
  (change networks to suit your needs, the number of public and private ip was lowered to simplify this doc)
  Network setup:
  iprb0 65.38.103.1/24
  defaultrouter 65.38.103.254
  iprb0:1 192.168.1.1/24 (in global zone)
  Create a zone on iprb0 with an ip of 192.168.1.2
  ### Example /etc/ipf/ipnat.conf
  # forward from a public port to a private zone port
  rdr iprb0 65.38.103.1/32 port 2222 -> 192.168.1.2 port 22
  # force outbound zone traffic thru a certain ip address
  # required for mail servers because of reverse lookup
  map iprb0 192.168.1.2/32 -> 65.38.103.1/32 proxy port ftp ftp/tcp
  map iprb0 192.168.1.2/32 -> 65.38.103.1/32 portmap tcp/udp auto
  map iprb0 192.168.1.2/32 -> 65.38.103.1
  # allow any 192.168.1.x zone to use the internet
  map iprb0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp
  map iprb0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto
  map iprb0 192.168.1.0/24 -> 0/32For testing purposes you can leave /etc/ipf/ipf.conf empty.
  Be aware the you must "svcadm disable ipfilter; svcadm enable ipfilter" to reload rules and the rules stay loaded if they are just disabled(bug).
  Zones can't modify their routes and inherit the default routes of the global zone. Because of this we have to trick the non-global zones into using a router that doesn't exist.
  Create /etc/init.d/zone_route_hack
  Link this file to /etc/rc3.d/S99zone_route_hack.
  #/bin/sh
  # based on information found at
  # http://blogs.sun.com/roller/page/edp?entry=using_branded_zones_on_a
  # http://forum.sun.com/jive/thread.jspa?threadID=75669&messageID=275741
  fake_router=192.168.1.254
  public_net=65.38.103.0
  router=`netstat -rn | grep default | grep -v " $fake_router " | nawk '{print $2}'`
  # send some data to the real network router so we look up it's arp address
  ping -sn $router 1 1 >/dev/null
  # record the arp address of the real router
  router_arp=`arp $router | nawk '{print $4}'`
  # delete any existing arp address entry for our fake private subnet router
  arp -d $fake_router >/dev/null
  # assign the real routers arp address to our fake private subnet router
  arp -s $fake_router $router_arp
  # route our private subnet through our fake private subnet router
  route add default $fake_router
  # Can't create this route until the zone/interface are loaded
  # Adjust this based on your hardware and number of zones
  sleep 300
  # Duplicate this line for every non-global zone with a private ip that
  # will have ipfilter rdr (redirects) pointing to it
  route add -net $public_net 192.168.1.2 -ifaceNow we have both public and private ip addresses on our one iprb0 interface. If we'd really like our private zone network to really be private we don't want any non-NAT'ed 192.168.1.x traffic leaving the interface. Since ipfilter can't block traffic between zones because they use loopbacks we can just block the 192.168.1.x traffic and the zones can still talk.
  The following /etc/ipf/ipf.conf defaults to deny.
  # ipf.conf
  # IP Filter rules to be loaded during startup
  # See ipf(4) manpage for more information on
  # IP Filter rules syntax.
  # INCOMING DEFAULT DENY
  block in all
  block return-rst in proto tcp all
  # two open ports one of which is redirected in ipnat.conf
  pass in quick on iprb0 proto tcp from any to any port = 22 flags S keep state keep frags
  pass in quick on iprb0 proto tcp from any to any port = 2222 flags S keep state keep frags
  # INCOMING PING
  pass in quick on iprb0 proto icmp from any to 65.38.103.0/24 icmp-type 8 keep state
  # INCOMING GLOBAL ZONE UNIX TRACEROUTE FIX PART 1
  #pass in quick on iprb0 proto udp from any to 65.38.103.0/24 keep state
  # OUTGOING RULES
  block out all
  # ALL INTERNAL TRAFFIC STAYS INTERNAL (Zones use non-filtered loopback)
  # remove/edit as needed to actually talk to local private physical networks
  block out quick from any to 192.168.0.0/16
  block out quick from any to 172.16.0.0/12
  block out quick from any to 10.0.0.0/8
  block out quick from any to 0.0.0.0/8
  block out quick from any to 127.0.0.0/8
  block out quick from any to 169.254.0.0/16
  block out quick from any to 192.0.2.0/24
  block out quick from any to 204.152.64.0/23
  block out quick from any to 224.0.0.0/3
  # Allow traffic out the public interface on the public address
  pass out quick on iprb0 from 65.38.103.1/32 to any flags S keep state keep frags
  # OUTGOING PING
  pass out quick on iprb0 proto icmp from 65.38.103.1/32 to any icmp-type 8 keep state
  # Allow traffic out the public interface on the private address (needs nat and router arp hack)
  pass out quick on iprb0 from 192.168.1.0/24 to any flags S keep state keep frags
  # OUTGOING PING
  pass out quick on iprb0 proto icmp from 192.168.1.0/24 to any icmp-type 8 keep state
  # INCOMING TRACEROUTE FIX PART 2
  #pass out quick on iprb0 proto icmp from 65.38.103.1/32 to any icmp-type 3 keep stateIf you want incoming and outgoing internet in your zones it is easier if you just give them public ips and setup a firewall in the global zone. If you have limited public ip address(I'm setting up a colocation 1u server) then you might take this approach. One of the best things about doing thing this way is that any software configured in the non-global zones will never be configured to listen on an ip address that might change if you change public ips.

  Instead of using the script as a legacy_run script, set it up in SMF.
  First create the file /var/svc/manifest/system/ip-route-hack.xml with
  the following
  ---Start---
  <?xml version="1.0"?>
  <!DOCTYPE service_bundle SYSTEM
  "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
  <!--
  ident "@(#)ip-route-hack.xml 1.0 09/21/06"
  -->
  <service_bundle type='manifest' name='NATtrans:ip-route-hack'>
  <service
  name='system/ip-route-hack'
  type='service'
  version='1'>
  <create_default_instance enabled='true' />
  <single_instance />
  <dependency
  name='physical'
  grouping='require_all'
  type='service'
  restart_on='none'>
  <service_fmri value='svc:/network/physical:default' />
  </dependency>
  <dependency
  name='loopback'
  grouping='require_all'
  type='service'
  restart_on='none'>
  <service_fmri value='svc:/network/loopback:default' />
  </dependency>
  <exec_method
  type='method'
  name='start'
  exec='/lib/svc/method/svc-ip-route-hack start'
  timeout_seconds='0' />
  <property_group name='startd' type='framework'>
  <propval name='duration' type='astring'
  value='transient' />
  </property_group>
  <stability value='Unstable' />
  <template>
  <common_name>
  <loctext xml:lang='C'>
  Hack to allow zone to NAT translate.
  </loctext>
  </common_name>
  <documentation>
  <manpage
  title='zones'
  section='1M'
  manpath='/usr/share/man' />
  </documentation>
  </template>
  </service>
  </service_bundle>
  ---End---
  then modify /var/svc/manfiest/system/zones.xml and add the following
  dependancy
  ---Start---
  <dependency
  name='inet-ip-route-hack'
  type='service'
  grouping='require_all'
  restart_on='none'>
  <service_fmri value='svc:/system/ip-route-hack' />
  </dependency>
  ---End---
  Finally create the file /lib/svc/method/svc-ip-route-hack with the
  contents of S99zone_route_hack, minus the sleep timer (perms 0755). Run
  'svccfg import /var/svc/manifest/system/ip-route-hack.xml' and 'svccfg
  import /var/svc/manifest/system/zones.xml'.
  This will guarantee that ip-route-hack is run before zones are started,
  but after the interfaces are brought on line. It is worth noting that
  zones.xml may get overwritten during a patch, so if it suddenly stops
  working, that could be why.

• Remote TC access via port forwarding

  I have been trying to setup my network for remote TC access via port forwarding. Here's my setup:
  Verizon FiOS router (main router, dhcp & nat) -> connected to TC set in bridge mode with a static IP
  I can remotely access the TC using Back to my Mac with no problems, and of course locally on the home network via Wifi.
  Since the TC has to connect in bridge mode, port forwarding is done on the FiOS router.
  If I set a port forwarding rule in the FiOS router TCP,UDP (any) to port 548, it works. However I want to use a specific connection port
  so others can't connect unless they know the forwarded port. BTW, I have remote disk sharing set with Use Device Password.
  So here's what works:
  FiOS Router (TCP any -> 548, UDP any ->548)
  What doesn't work:
  FiOS router (TCP 8990 -> 548, UDP 8990 -> 548).
  Is there any additional setting required for specific port forwarding to work?

  You're my hero!
  I also have my TC in Bridge Mode to my Verizon FIOS Router.  I used to be able to access my TC remotely, but since I upgraded my router (MI424WR GigE), I had forgotten some port forwarding rules I must have established in my old router.  Once I re-created these two port forwarding rules (just like yours), I can remote access my TC (with TC password) again.
  In addition, I have a static host name aliased to my dynamic IP address through dyndns.org (I have the free version, which I don't think is available anymore, but there are other free providers out there) for easier remote access.
  Regarding, Secure Share Disks: with TC password vs a disk password. Is one more secure than the other?
  Thanks!

• HT3576 how can i verify that the network or firewall is not blocking access to port 5223.

  how can i verify that the network or firewall is not blocking access to port 5223?

  Talk to someone who knows something about networking and/or firewalls on an appropriate forum.
  Configuring your network and/or firewall is beyond the scope of this forum, which is devoted to issues using the iPhone.

• Can air for html/ajax accessing serial port or usb?

  I just have made use of Adobe AIR .I want to use printer with
  air . Do air have some poperties to accessing serial port or usb?
  I look up that on the Adobe AIR documents.I only found
  'Adobe® AIR™ provides the eans to check for changes to
  the network connectivity of the computer on which an AIR
  application is installed'.
  Do you have some demo with Adobe AIR accessing serial port or
  usb ?
  Or has another poperties to do that!
  thank you!!

  There is no API for accessing the serial port. USB devices
  can only be accessed through the file system (and only if they are
  storage devices).

• SDK : how to get the server adress and port ?

  Almost everything is in the title, I'm look for code to get the server URL and port where the ME is running ;o)
  There should be some standard API I guess.
  Thanks
  Regards

  Hi,
  In the code that I write I usually have access to the HTTP Request Object.
  String serverName = request.getServerName();
  String serverPort = request.getServerPort();
  Then I just do a compare on the returned value to see if I am on our Test or Production server.
  if(request.getServerName().indexOf("prodservername") >= 0)
    // PRODUCTION CODE HERE
  else
    // TEST CODE HERE
  Hope this helps,
  Mike

• Are "Back to my MAC" and "Port Forwarding" mutually exclusive?

  I have been using APExtreme and Port Forwarding successfully for several weeks now. The PF is to allow access to game players on a PC which acts as a server on the web. All Good.
  One more thing, I have a ISP provided wireless modem/router to talk to the cable and the world. It seems to work either bridged or un-bridged.
  I have disabled the wireless on the ISP's modem/router. (Actually the ISP's device doesn't hold a candle to the APE.)
  Still all good.
  So the firewall is on in the APExtreme and none on the modem router, and I have a port defined for my gamers to get access to my server in the APExtreme.
  I now want to implement Back to my MAC on my MBP and my other Apple devices. I believe these use iCloud for which I have an account and it seems to be working well with my iPhone.
  In Properties, when I select BtmM, iCloud says communications will be slow if I have port forwarding on. Also I will not be able to use the router function in my Modem/router.
  I'd really like to have the modem/router firewall up, and do the port forwarding there, but the BtmM will likely not get through.
  So what does anyone suggest?
  Can I use BtmM and port forwarding without too much degradation?
  Please advise.
  Thanks
  Barry

  To best answer your question on whether the two are "mutually exclusive," let take a look at how Back to My Mac (BTMM) basically works.
  BTMM - General Requirements
  OS X Leopard 10.7.3+
  Active iCloud account. Each Mac & the AirPort router, that will be relying on BTMM, needs to be configured with the same account.
  A publicly reachable IP address for your router.
  A router that supports either NAT-PMP or UPnP. For AirPorts, be sure it is running 7.6.1+ firmware.
  BTMM uses TCP port 5354 and UDP ports 4500 & 5353 for communications.
  BTMM - Basic Communication Flow
  For a computer connected to the Internet via a router, BTMM "asks" the router for its configuration information. For a router, like your AirPort, that uses NAT-PMP, BTMM will ask the router to assign arbitrary public ports. In turn, the router will provide these port assignments (& the router's Public IP address) back to BTMM.
  BTMM then sends this information to the iCloud account. In background iCloud updates a special set of DNS entries to be used by BTMM. These entries are then made available to all BTMM clients using your iCloud account. When a computer, with BTMM enabled, uses your iCloud credentials, it automatically retrieves a list of all other computers/routers that are registered with the same account. All these devices should then appear under the SHARED section of the Finder.
  When attempting to connect to a remote computer (or router), BTMM creates a secure connection to that remote device using the information from the iCloud account.
  Once the connection is established, the devices can then communicate with each other.
  So potentially, unless you are using Port Mapping for any of the ports BTMM uses, they should not conflict.

• Cannot access forwarded ports from the internet

  Hi all,
  I have a Cisco 800 Series router that i configured to do some port forwarding. However i must have done something wrong, because i am unable to access the ports .
  Here is the configuration file of the router.
  Sorry it i pasted too much info, i'm new working with Cisco routers
  Building configuration...
  Current configuration : 9429 bytes
  ! Last configuration change at 13:39:12 PCTime Thu Jan 5 2006 by xxx
  ! NVRAM config last updated at 19:45:42 PCTime Mon Jan 2 2006 by xxx
  version 15.0
  no service pad
  service tcp-keepalives-in
  service tcp-keepalives-out
  service timestamps debug datetime msec localtime show-timezone
  service timestamps log datetime msec localtime show-timezone
  service password-encryption
  service sequence-numbers
  hostname pbr.mtn.w
  boot-start-marker
  boot system tftp c860-universalk9-mz.153-3.M.bin 255.255.255.255
  boot-end-marker
  logging buffered 51200
  logging console critical
  enable secret 5 xxx
  no aaa new-model
  memory-size iomem 10
  clock timezone PCTime 2
  crypto pki trustpoint TP-self-signed-2673109117
  enrollment selfsigned
  subject-name cn=IOS-Self-Signed-Certificate-2673109117
  revocation-check none
  rsakeypair TP-self-signed-2673109117
  crypto pki certificate chain TP-self-signed-2673109117
  certificate self-signed 01
    30820250 308201B9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 32363733 31303931 3137301E 170D3036 30313032 31373232
    35395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 36373331
    30393131 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
    8100CD17 E55A2286 3F4D2F14 98499254 8DE9B540 7413A05A C229BD7E 72C6E7AA
    7BD657C2 D824C6E4 0C0FD8AB 5EF6871B A28F298C 391DA225 FA4C92D7 5E3C6B06
    B3447494 EA058319 72A69FEA 305751EE B7D7087A 406216C3 6CC14AB8 056B52F4
    117366AD 531E0515 6801228D 7DAA8454 A00A880D 4023B8B3 983DE19C FB00F077
    32450203 010001A3 78307630 0F060355 1D130101 FF040530 030101FF 30230603
    551D1104 1C301A82 18706272 2E6D746E 2E772E79 6F757264 6F6D6169 6E2E636F
    6D301F06 03551D23 04183016 80148E65 3A8C9B6B E552653E EA96DCD1 F13DD1F1
    8198301D 0603551D 0E041604 148E653A 8C9B6BE5 52653EEA 96DCD1F1 3DD1F181
    98300D06 092A8648 86F70D01 01040500 03818100 B6F568EE 3AFBBF7A B4DEC150
    B6B8860B D953E444 8925C26C 4186AED4 8EAF9F2F D2F335E4 916F941C 1E831EEE
    77C5A9A2 EB7EB7AA 540FF094 8FA28668 91C39BB2 2852DEB9 414DD37B EE984C20
    CE755A14 37C41233 B0B93B55 52E15783 089B59AA AAE54620 352D3820 59DD24A3
    F1E3EC91 CCDE72AA 7544C9C6 1C12EDAF 95767D97
        quit
  no ip source-route
  ip dhcp excluded-address 10.10.10.1
  ip dhcp excluded-address 192.168.1.1 192.168.1.219
  ip dhcp excluded-address 192.168.1.241 192.168.1.254
  ip dhcp excluded-address 10.10.10.21 10.10.10.254
  ip dhcp pool ccp-pool1
     import all
     network 10.10.10.0 255.255.255.0
     default-router 10.10.10.1
  ip dhcp pool GuestPool
     import all
     network 192.168.1.0 255.255.255.0
     default-router 192.168.1.80
     dns-server 217.14.128.50 212.99.2.8 212.108.200.77 212.82.225.7
     lease 7
  ip cef
  no ip bootp server
  ip domain name yourdomain.com
  ip name-server 196.44.250.214
  ip name-server 196.44.250.215
  ip name-server 41.223.226.30
  ip name-server 212.118.241.1
  ip name-server 213.157.176.2
  ip name-server 62.128.175.14
  license udi pid CISCO861W-GN-E-K9 sn FCZ161392V5
  username xxx privilege 15 secret 5 xxx
  ip tcp synwait-time 10
  ip ssh time-out 60
  ip ssh version 2
  class-map type inspect match-any ccp-cls-insp-traffic
  match protocol cuseeme
  match protocol dns
  match protocol ftp
  match protocol h323
  match protocol https
  match protocol icmp
  match protocol imap
  match protocol pop3
  match protocol shell
  match protocol realmedia
  match protocol rtsp
  match protocol smtp
  match protocol sql-net
  match protocol streamworks
  match protocol tftp
  match protocol vdolive
  match protocol tcp
  match protocol udp
  class-map type inspect match-all ccp-insp-traffic
  match class-map ccp-cls-insp-traffic
  class-map type inspect match-any ccp-cls-icmp-access
  match protocol icmp
  match protocol tcp
  match protocol udp
  class-map type inspect match-all ccp-invalid-src
  match access-group 100
  class-map type inspect match-all ccp-icmp-access
  match class-map ccp-cls-icmp-access
  class-map type inspect match-all ccp-protocol-http
  match protocol http
  policy-map type inspect ccp-permit-icmpreply
  class type inspect ccp-icmp-access
    inspect
  class class-default
    drop
  policy-map type inspect ccp-inspect
  class type inspect ccp-invalid-src
    drop log
  class type inspect ccp-protocol-http
    inspect
  class type inspect ccp-insp-traffic
    inspect
  class class-default
    drop
  policy-map type inspect ccp-permit
  class class-default
    drop
  zone security out-zone
  zone security in-zone
  zone-pair security ccp-zp-self-out source self destination out-zone
  service-policy type inspect ccp-permit-icmpreply
  zone-pair security ccp-zp-in-out source in-zone destination out-zone
  service-policy type inspect ccp-inspect
  zone-pair security ccp-zp-out-self source out-zone destination self
  service-policy type inspect ccp-permit
  interface Null0
  no ip unreachables
  interface FastEthernet0
  interface FastEthernet1
  interface FastEthernet2
  interface FastEthernet3
  interface FastEthernet4
  description $ES_WAN$$FW_OUTSIDE$
  no ip address
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip flow ingress
  duplex auto
  speed auto
  pppoe-client dial-pool-number 1
  interface wlan-ap0
  description Service module interface to manage the embedded AP
  ip unnumbered Vlan1
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip nbar protocol-discovery
  ip flow ingress
  ip flow egress
  arp timeout 0
  interface Wlan-GigabitEthernet0
  description Internal switch interface connecting to the embedded AP
  switchport mode trunk
  interface Vlan1
  description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
  ip address 192.168.1.80 255.255.255.0
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip nbar protocol-discovery
  ip flow ingress
  ip flow egress
  ip nat inside
  ip virtual-reassembly
  zone-member security in-zone
  ip tcp adjust-mss 1412
  interface Dialer0
  description $FW_OUTSIDE$
  ip address negotiated
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip mtu 1452
  ip flow ingress
  ip nat outside
  ip virtual-reassembly
  zone-member security out-zone
  encapsulation ppp
  dialer pool 1
  dialer-group 1
  ppp authentication chap pap callin
  ppp chap hostname xxx
  ppp chap password 7 xxx
  ppp pap sent-username xxx password 7 xxx
  no cdp enable
  ip forward-protocol nd
  ip http server
  ip http authentication local
  ip http secure-server
  ip http timeout-policy idle 60 life 86400 requests 10000
  ip flow-top-talkers
  top 20
  sort-by bytes
  cache-timeout 20
  ip nat inside source list 1 interface Dialer0 overload
  ip nat inside source static tcp 192.168.1.25 8890 interface Dialer0 8890
  ip nat inside source static tcp 192.168.1.25 80 interface Dialer0 80
  ip nat inside source static tcp 192.168.1.45 21 41.186.26.35 21 extendable
  ip route 0.0.0.0 0.0.0.0 Dialer0
  logging trap debugging
  access-list 1 remark INSIDE_IF=Vlan1
  access-list 1 remark CCP_ACL Category=2
  access-list 1 permit 192.168.1.0 0.0.0.255
  access-list 100 remark CCP_ACL Category=128
  access-list 100 permit ip host 255.255.255.255 any
  access-list 100 permit ip 127.0.0.0 0.255.255.255 any
  dialer-list 1 protocol ip permit
  no cdp run
  control-plane
  banner exec ^C
  % Password expiration warning.
  Cisco Configuration Professional (Cisco CP) is installed on this device
  and it provides the default username "cisco" for  one-time use. If you have
  already used the username "cisco" to login to the router and your IOS image
  supports the "one-time" user option, then this username has already expired.
  You will not be able to login to the router with this username after you exit
  this session.
  It is strongly suggested that you create a new username with a privilege level
  of 15 using the following command.
  username <myuser> privilege 15 secret 0 <mypassword>
  Replace <myuser> and <mypassword> with the username and password you
  want to use.
  ^C
  banner login ^C---------------------------------------------------------------------------
                                NOTICE TO USERS
  THIS IS A PRIVATE COMPUTER SYSTEM.  Unauthorized or improper use of this
  system may result in administrative or disciplinary action and civil and
  criminal penalties.
  Any or all uses of this system and all files on this system are monitored,
  and recorded.
  This system is the property of xxx .
  Disconnect IMMEDIATELY if you are not an authorized user!
  ^C
  line con 0
  login local
  no modem enable
  transport output telnet
  line aux 0
  login local
  transport output telnet
  line 2
  no activation-character
  no exec
  transport preferred none
  transport input all
  line vty 0 4
  privilege level 15
  login local
  transport preferred telnet
  transport input telnet
  scheduler max-task-time 5000
  scheduler allocate 4000 1000
  scheduler interval 500
  end

  You need...
  Either a Fixed IP from your ISP, or a service like no-ip.org to look up your current IP.
  How to find the "Outside" IP on that machine go here...
  http://www.whatsmyip.org/
  If there's a Router involved at home then incoming ports must be directed to the proper local IP.
  Setup Sharing on the home Mac.

• Given IP and port number, Is there a way to find the service name?

  Hi,
  In the Java language, if I am given the IP and the Port number, is there way to lookup the corresponding service name?
  thanks, grace

  There are a number of standard services by port number. You can get that from /etc/services on any nx system and put it into a map or array. That list doesn't change all that often.
  In general though, as Dave says, no.
  Assuming the service is not one of the standard ones and the same port may provide different services on different IP addresses, there would need to be some standard protocol for naming services that you could access at those IPs--either a "list of ports/services" service that's at a known port, or a request/response that would be standard across all IPs and ports. As far as I know, neither of those exist.

• Smtp and pop3 host and port name of gmail server?????

  can any body give me smtp and pop3 host and port name of gmail server?????to send a mail......

  Just do a new initial context and lookup the datasource, in case you need other info like host name and port you can use MBEans like:
            InitialContext ctx = null;
                 // fetch managed server name by accessing the
                 // RuntimeServerMBean using the
                 // MBeanServer interface
                 ctx = new InitialContext();
                 MBeanServer server = (MBeanServer) ctx
                           .lookup("java:comp/env/jmx/runtime");
                 ObjectName service = new ObjectName(
                           "com.bea:Name=RuntimeService,Type=weblogic.management.mbeanservers.runtime.RuntimeServiceMBean");
                 managedServerName = (String) server.getAttribute(service,
                           "ServerName");

• Dynamic Trunking Protocol and ports mode

  ((Dynamic Trunking Protocol (DTP), as the name implies, is the protocol used to automatically negotiate a trunk link.
  DTP supports the auto negotiation of both ISL and 802.1q.
  By default all ports on the Catalyst 3550 are dynamic desirable ports which will aggressively attempt to negotiate trunking through DTP.
  To disable DTP and the auto negotiation of trunking, issue the interface level command switchport
  nonegotiate)).
  1- How many trunk mode have we got ? one of them is negotiation,,,Do we have any other ?
  2- "By default all ports on the Catalyst 3550 are dynamic desirable ports".
  2/a- Are there any other mode for ports ?
  2/b- Is this different form one type of switch to another type ?

  "1.Diff trunk modes are on,off,desirable,negotiate".
  Does DTP decide which mode to be used (chose one out of 5)?
  "2/a. Diff modes of ports are, access, trunk, dynamic desirable. "
  does that mean the dynamic desirable can be either access or trunk port ?
  I get confused between three different interface mode :
  1- switchports----can be access and trunk ports
  2- routed ports
  3- switched-virtual interface

• Dynamic Host and Port for Web Proxy

  hi,
  When I create a web proxy in JDev I supply the hostname and the port for the web service. The code is then compiled and then deployed. However I want the host and port to be dynamic (kept in a varaible) so when I move my deployment from Development to Test server I just need to change a value in a database or text file. I don't want to re-compile and deploy the code when I move servers. Is there any way to do this??
  Thanks
  Stephen

  Hi,
  not so in the WSDL file that is created. If from the client side access, then WS poxy classes allow you to do this
  Frank