TortoiseSVN locked by firewalls a way to a good solution
From: Bernard TREMBLAY <bty-adminf1_at_trebly.net>
Date: Tue, 22 Jan 2013 19:36:41 -0800 (PST)
I summarize :
I could not connect anymore with no clear message and nothing said by the firewall.
I want to collect informations to redact a paper with the subject :
The url and password had changed for same local working copies and I had updated TortoiseSVN.
I could not connect at all to SourceForge repositories with message : (Cannot find back the exact message) which meaning was
My firewall (GDATA) was not reporting any program locked.
I spent a long time and eat a lot of work before stopping for a short while the firewall (with security rules and because it is a development server that I had to stop). The simple connection http became possible. The firewall was saying nothing but it was locking the connection process.
After this I test several rules to make the transaction good. I have been successful but the result even functioning is not clean and the why is not clearly explained. The rules are not simple.
Note : After opening access to SVN *.exe to the four ports concerned 22;80;443;890; and defined that they could be launched by Various Tortoise*.exe or shell, the firewall has declared TortoiseProc.exe locked not on network:web
So now I would after this experience to redact a document which could become a Q&R
Problem formulation and requests :
So to properly formulate the problem and explain the solution I need answers to the following questions (the objects of this thread) :
1- Finally : "What are the definitions of the rules for the (anyone) firewall to obtain the right connection with strict needs and no more :"
This means :
which application launches which other one with which protocols (and ports) for any protocol referenced.
Some element seems to mean that the full calls and protocol set is made in several steps (ports and protocols).
Remark about the fact that there no many thread on this subject : I am quite sure that with automatic firewall setup (average level) TortoiseProc.exe should be completely allowed for anything and never an hidden lock could happen. But every body do not set their firewall in automatic allowing mode (open any ports and protocols for any soft from computer, lock unknown input).
3- For GDATA the question is : how an application can appear in the "applications locked" after opening web ports and applications manually because a full application was locked without any message.
What I am waiting for
The opened questions for TortoiseSVN, GDATA (firewall editor) and me who want to redact a document are :
- What are the definitions of the rules for the (any) firewall to obtain always the right connection (with good securities)
So I ask to TortoiseSVN Team to transmit to me or tell me were I can find the useful informations about which calls which connexion on which ports and how are the calls between applications and too the sequences that set a connection
note : These information can be sent private because I think them as confidential for security. It is the reason why I will reduce to minimum for a summary in directives for firewalls and not put the details on any text. (I could probably find these informations from sources but this will eat so much work...)
I am waiting for answers from TortoiseSVN team and from the FireWall editor (GDATA which had till now always a very good support and he is concerned because for the TortoiseSVN protocols the firewall don't give good information to understand the locks).
With these informations I will make the good test to redact the document, while GDATA will modify (or not) the soft for next version to be able to detect correctly any (as TortoiseSVN) application which contains several linked programs to set a full connection and allow a full transaction.
To unsubscribe from this discussion, e-mail: [dev-unsubscribe_at_tortoisesvn.tigris.org].
This is an archived mail posted to the TortoiseSVN Dev mailing list.