On 2003.06.13 19:53 James Kuhns wrote:
> I stand corrected from two directions, thanks Ray and Tim.
>
> The block hasn't hit here in Lafayette yet - I'll see what tomorrow brings.
>
> As I have only a passing knowledge of iptables and firewalls in general (I'm
> just a lowly programmer :-)), I still don't see:
> 1) how a firewall can feasibly determine the originating app of a data
> stream on a port (key word being feasibly)

The originating IP address is in the packet header. I suppose this could be forged, but the machine receiving your packets might have trouble talking back to you.

> 2) how the iptables rule (iptables -A FORWARD -p tcp -m tcp ! -d
> mail.whatever.cox.net --port 25 -j DENY) would only block traffic between
> servers. Looks to me like this rule would block any tcp traffic received on
> port 25 that was not destined for mail.whatever.cox.net, again how would
> COX's hardware know to allow traffic from my client to
> mail.somewherenotcox.net?

That's right, I think. All port 25 traffic is stopped at the edge of the network, or directed to a mail server. It stops my computer from directly contacting a mail server outside their network to exchange mail. Cox's mail server will talk to your "client" mail and forward it for you. Everything else is ignored.
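Added example (not part of either message above, and not Cox's actual configuration): a small model of how a destination-port egress rule of the kind quoted in the thread is evaluated. The relay address and the sample flows are constructed; the real address of mail.whatever.cox.net is not on the page. It shows that the rule keys on protocol, destination port and destination address only, so it cannot tell which application produced the traffic, and that the `! -d` negation is what exempts the ISP's own relay.

```python
from ipaddress import ip_address

# Constructed placeholder for the ISP relay (mail.whatever.cox.net in the thread).
ISP_RELAY = ip_address("10.0.0.25")


def forward_verdict(proto, dst_ip, dport):
    """Model of one FORWARD-chain rule: TCP to destination port 25 whose
    destination is NOT the ISP relay is dropped; everything else falls through
    to the chain's default policy (assumed ACCEPT here)."""
    if proto == "tcp" and dport == 25 and ip_address(dst_ip) != ISP_RELAY:
        return "DROP"
    return "ACCEPT"


def evaluate(flows):
    """Apply the rule to a dict of name -> (proto, dst_ip, dport)."""
    return {name: forward_verdict(*flow) for name, flow in flows.items()}


# Constructed sample flows from a subscriber's machine.
SAMPLE_FLOWS = {
    "client -> ISP relay, SMTP": ("tcp", "10.0.0.25", 25),
    "client -> outside MX, SMTP": ("tcp", "203.0.113.10", 25),
    "client -> outside, submission (587)": ("tcp", "203.0.113.10", 587),
    "client -> outside, HTTPS": ("tcp", "203.0.113.10", 443),
    "client -> outside, UDP 25": ("udp", "203.0.113.10", 25),
}

if __name__ == "__main__":
    for name, verdict in evaluate(SAMPLE_FLOWS).items():
        print(f"{name:40s} {verdict}")
```

Note that the rule never sees a port number tied to an application: a mail client, a script and a server daemon that all connect to port 25 on an outside host get the same verdict.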
