hi,
i am aware that OWNER matching on iptables is still experimental, but
i have a related question, which excited my interest...

my 'postfix' user is allowed to send packets to port 25/tcp of any
system. this seems to work just fine as mails are delivered, but for
each message, my iptables also logs a DROP'd attempt (2 packets) to
send to port 25. i had a look with netstat -lp and found out that, just
prior to sending a message as postfix, netstat reports a socket not
owned by a process. so if netstat -lp looks as follows for postfix:

tcp  0  0 *:smtp              *:*             LISTEN      3923/master

telling me that pid 3923 is postfix' master program binding to port
25, then the following two entries, which exist just before an smtp
message is sent

tcp  0  0 192.168.14.6:32884  mailhost:smtp   TIME_WAIT   -                   
tcp  0  0 192.168.14.6:32885  mailhost:smtp   TIME_WAIT   -                   

tell me nothing about the process owning them.

i am merely wondering why this is possible...

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED]
-- 
hi! i'm a .signature virus!
copy me into your ~/.signature to help me spread!

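The observation above (a TIME_WAIT socket with "-" in the PID/Program column) points at the usual pitfall with the owner match: once postfix has closed its end, the kernel still owns the half-closed or TIME_WAIT socket, but there is no process (and no file descriptor) behind it, so any further segment it emits (the final FIN/ACK, a retransmitted ACK, a RST) can never satisfy `--uid-owner`. Such packets then fall through to the LOG/DROP rule, which matches the "2 packets per message" pattern described. The script below is an added example, not part of the original post or of any postfix or netfilter documentation: it reads constructed netstat-style lines (the addresses and PIDs are made up), lists the sockets that have no owning process, and prints an OUTPUT ruleset in which ESTABLISHED/RELATED traffic to port 25 is accepted by connection state before the owner rule is consulted, so the ownerless tail of a finished SMTP session is not logged as a drop.

```shell
#!/bin/sh
# Added example (not from the original post). Constructed sample in the
# layout of "netstat -anp": a "-" in the PID/Program column means the
# kernel holds the socket but no process owns it (e.g. TIME_WAIT after
# postfix closed the connection). Addresses and PIDs are made up.
NETSTAT_SAMPLE='tcp  0  0 0.0.0.0:25          0.0.0.0:*           LISTEN      3923/master
tcp  0  0 192.168.14.6:32884  192.168.14.1:25     TIME_WAIT   -
tcp  0  0 192.168.14.6:32885  192.168.14.1:25     TIME_WAIT   -
tcp  0  0 192.168.14.6:32886  192.168.14.1:25     ESTABLISHED 4102/smtp'

# Print "local foreign state" for every socket that has no owning process.
# These are exactly the sockets whose packets cannot match "-m owner".
ownerless_sockets() {
    printf '%s\n' "$1" | awk '$NF == "-" { print $4, $5, $6 }'
}

# Number of ownerless sockets in the given netstat output.
count_ownerless() {
    ownerless_sockets "$1" | wc -l | tr -d ' '
}

# OUTPUT rules for port 25, in the order they must be appended.
# 1. Packets belonging to a connection already accepted (including the
#    FIN/ACK/RST sent from a TIME_WAIT or orphaned socket) are matched by
#    conntrack state, which does not need a process owner.
# 2. Only a NEW connection must prove it comes from the postfix uid.
# 3. Everything else to port 25 is logged and dropped.
smtp_output_rules() {
    cat <<'EOF'
iptables -A OUTPUT -p tcp --dport 25 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -p tcp --dport 25 -m state --state NEW -m owner --uid-owner postfix -j ACCEPT
iptables -A OUTPUT -p tcp --dport 25 -j LOG --log-prefix "smtp-drop: "
iptables -A OUTPUT -p tcp --dport 25 -j DROP
EOF
}

# Line number of the first rule that mentions the given string; used to
# check that the state rule precedes the owner rule.
rule_position() {
    smtp_output_rules | grep -n -- "$1" | head -n 1 | cut -d: -f1
}

ownerless_sockets "$NETSTAT_SAMPLE"
smtp_output_rules
```

To apply the rules for real, pipe `smtp_output_rules` into `sh` as root after flushing any earlier port-25 rules; the ordering is the whole point, since iptables evaluates a chain top to bottom and the owner rule would otherwise see (and fail on) the ownerless packets first.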