Well, my mail was blocked by dustin as usual rather than Cox :-) I have to change my squirrel stuff!!!!!!
take care! Alavaro Zuniga On Fri, 2003-06-13 at 23:32, will hill wrote: > On 2003.06.13 19:53 James Kuhns wrote: > > I stand corrected from two directions, thanks Ray and Tim. > > > > The block hasn't hit here in Lafayette yet - I'll see what tomorrow brings. > > > > As I have only a passing knowledge of iptables and firewalls in general (I'm > > just a lowly programmer :-)), I still don't see: > > 1) how a firewall can feasibly determine the originating app of a data > > stream on a port (key word being feasibly) > > The originating IP address is in the packet header. I suppose this could be > forged, but the machine receiving your packets might have trouble talking > back to you. > > > 2) how the iptables rule (iptables -A FORWARD -p tcp -m tcp ! -d > > mail.whatever.cox.net --port 25 -j DENY) would only block traffic between > > servers. Looks to me like this rule would block any tcp traffic received on > > port 25 that was not destined for mail.whatever.cox.net, again how would > > COX's hardware know to allow traffic from my client to > > mail.somewherenotcox.net? > > That's right, I think. All port 25 traffic is stopped at the edge of the > network, or directed to a mail server. It stops my computer from directly > contacting a mail server outside their network to exchange mail. Cox's mail > server will talk to your "client" mail and forward it for you. Everything > else is ignored. > > _______________________________________________ > General mailing list > [email protected] > http://brlug.net/mailman/listinfo/general_brlug.net
