On 6/28/20 2:10 PM, R.Wieser wrote:
> But to make it absolutily clear, in my explanation the RPi is
> *passive*.  It waits for connections initiated by both hosts, and
> only than tries to / can write received packets to the other interface.

I think we have a nomenclature problem here.

I think you, R. Wieser, are using "passive" as a reference to which host
/initiates/ the connection.

Where as some people in this thread have taken "active" vs "passive" to
mean "doing something with the traffic to copy it from one interface to
another".

Traditionally, in both computers and electronics, a passive device is
one that will function without any power, conversely an active device
will not function without power.

A DB-25 to RJ-45 adapter is passive in that it's wires and unpowered.
Conversely, a Pi is an active device that will not function without power.

So, we get into the minutia of /what/ /specifically/ the Pi is doing and
if it constitutes active or passive.

I think that many would support that routers, particularly routers that
alter traffic as it passes through, are /active/ devices.

You have stated that you want to /actively/ decide what traffic to allow
through or not.

You have also stated that you want software to read from one interface
and write to another interface.  Both of those are active functions.

Even if you don't consider traditional routing to be active, you have
indicated that you are considering writing a custom program to read from
one interface and write to another, possibly via sockets with the
existing TCP/IP stack.  This sounds very active to me.

The Pi can be both active in that it processes traffic and /reactive/ in
that it only does so in response to external stimuli.

So, please clarify what you mean by "active" vs "passive" as well as
"initiator" and "responder".  Please also re-state your desires while
clearly indicating what is active / passive and initiator / responder.

> Nope.   Both sides can send and both sides can receive.  The only
> thing that happens in the RPi is that the connection gets scrubbed
> (notice: the connection, not its data).

The "scrubbing" supports some sort of active process on the connection.

Connection vs data is getting into the minutia and we need to share a
common understanding of what each other means.  Lest we talk in circles
around each other.

> As in the above, it is supposed to be.

Unless or until corrected, I'm going to take "passive" to mean "does not
initiate / responds to external initiation".

> Why is it that "passive" also must mean "time delay" and
> (thus?) "files" ?  I don't get it.

In typical file drop / post office scenarios, the recipient can't
/safely/ read the file until /after/ the file is completely written.  As
such, you are introducing a delay of some amount of time.

Conversely, an active process can read from one socket and write to
another socket in almost parallel.  (There is a tiny but measurable
delay.)  It can certainly start writing to the second socket before the
data is finished being written to the first socket.

> as well as for its multi-port usage ofcourse, which doesn't work well
> with (simple) firewalls.

If by "simple" you mean "stateless", sure.

> But as mentioned, I had something /much/ simpler in mind - with the
> RPi being next to invisible.

I'm not convinced that the Pi will be as invisible as I think you are
thinking.

Hosts A and C will know the remote IP that they are talking to.  They
can share that information in the data that passes between them (much
like FTP does) and can detect that each other are not at the addresses
they are talking to.

Does this visibility matter?  Probably not.  But it might.

> Doesn't mean that I cannot also think of setting the RPi up as a
> multi-subnet data-storage device ofcourse.  Heck, I might even think
> of setting up both !

~chuckle~



--
Grant. . . .
unix || die

--- SoupGate-Win32 v1.05