On 08/15/2007 01:39 PM, Wayne Topa wrote: > I have noticed recently, while watching iptraf, that I am getting > connections from various google addresses. ie bu-in-f93.google.com > currently.
This would be your browser checking in with google. If you have a browser open, it will connect for updated information periodically. ie., netstat shows these connections on my system: tcp 0 0 10.6.104.165:34120 kc-in-f104.google.c:www ESTABLISHED tcp 0 0 10.6.104.165:34121 kc-in-f104.google.c:www ESTABLISHED The above is from me -> google on port 80 when sitting on my igoogle page. > This happen on 4 different network boxen, while they have > iceweasel running, and sitting on our networks local homepage. > > As the connections were not initiated by any of the boxen, iptables > _should_ be blocking them, so I am wondering if Google has, somehow, > got around the firewall (firehol) rules. I pointed by browser away from google.com to some other site, and the connections persisted as ESTABLISHED for a short time, then dropped. After a little time, another connection fired up, same as above, so this appears to be cookie-based(?). Interesting.. Your firewall probably has an iptables -A INPUT -m state --state "ESTABLISHED,RELATED" -j ACCEPT rule, meaning accept anything coming in if it is initiated from the inside. Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
