In a situation like this, I have a couple of questions, which would affect my recommendations --

  1. Are you the user of this, or are the users reasonably technical savvy and trustworthy?
  2. Is there a single specific client system that is connecting, or multiple client systems?
  3. What is the security required by the information being passed, and the security already in the database?
  4. Who controls DHCP?
  5. Is the current UI web based?

If I were going to be the only user, or the users were people that I trusted to follow directions, I'd probably use an SSH tunnel, and place a wrapper around the connection to start the tunnel. You could also use a VPN, or requiring port knocking before the server allows access

If there needed to be multiple clients that needed to connect, I might place a system on the network that had the necessary permissions to connect to the database, but acted as a gateway / bastion host.

If you know the folks who are controlling DHCP, I'd look into setting up a smaller IP pool for the systems that need to connect.

If the security requirements are really low, I probably wouldn't worry about things too much, and just open up the network to the subnet.

If the plan for the UI is web based, it doesn't seem like it's a signfiicant stretch to send updates via HTTP, but if it's not, you may be introducing extra unnecessay complexity. (and opening up unnecessary ports if the server doesn't already have an HTTP service exposed)

But, to answer your questions directly:

Is this insane?

I think it's probably more effort than it's worth, however, you can also use the proxy to perform extra error checking and/or access control, if you needed to.

One of my db elements is a blob generated by mod Storable. Can I send this data directly via http POST or GET without getting involved in all kinds of MIME complications?

So long as it's all properly escaped, you should be fine. If you're doing queries, you can use GET, but for any sort of request that modifies data, you should use POST, which should not be re-executed by a client without prompting, and won't be cached.

I personally wouldn't use CGI to pass my data, but would be more likely to use SOAP, which was basically made for these sorts of operations.

In reply to Re: Sending Storable strings over http by jhourcle
in thread Sending Storable strings over http by cormanaz

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.