Michael Shuler([EMAIL PROTECTED]) is reported to have said: > On 08/15/2007 01:39 PM, Wayne Topa wrote: > > I have noticed recently, while watching iptraf, that I am getting > > connections from various google addresses. ie bu-in-f93.google.com > > currently. > > This would be your browser checking in with google. If you have a > browser open, it will connect for updated information periodically. > ie., netstat shows these connections on my system:
Well it has a long memory then. This box was shut down last night for some maintenance. I fired it up this morning but didn't connect to the net, just our local server homepage. The box was running ktorrent to seed some files all morning though. > > tcp 0 0 10.6.104.165:34120 kc-in-f104.google.c:www ESTABLISHED > tcp 0 0 10.6.104.165:34121 kc-in-f104.google.c:www ESTABLISHED > > The above is from me -> google on port 80 when sitting on my igoogle page. Dumb me forgot to run netstat when I saw the slowdown. :-( > > This happen on 4 different network boxen, while they have > > iceweasel running, and sitting on our networks local homepage. > > > > As the connections were not initiated by any of the boxen, iptables > > _should_ be blocking them, so I am wondering if Google has, somehow, > > got around the firewall (firehol) rules. > > I pointed by browser away from google.com to some other site, and the > connections persisted as ESTABLISHED for a short time, then dropped. > After a little time, another connection fired up, same as above, so this > appears to be cookie-based(?). Interesting.. > > Your firewall probably has an > > iptables -A INPUT -m state --state "ESTABLISHED,RELATED" -j ACCEPT > > rule, meaning accept anything coming in if it is initiated from the inside. Yes, it does, but having not used iceweasel for anything today, I thought it was odd that google, or iceweasel, needed to know anything. Of course the entry was dropped when I terminated iceweasel. Thanks Michael. I'm sure you are correct. I'll check more if/when it happens again, and I'm sure it will. Best Regards Wayne -- Every bug you find is the last one. _______________________________________________________ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
