socket send help
Gabriel Genellina
gagsl-py2 at yahoo.com.ar
Tue Jan 6 17:49:19 EST 2009
En Mon, 05 Jan 2009 22:59:46 -0200, James Mills
<prologic at shortcircuit.net.au> escribió:
> On Tue, Jan 6, 2009 at 10:49 AM, Bryan Olson <fakeaddress at nowhere.org>
> wrote:
>>> I thought a firewall would block an attempt to bind to any routeable
>>> address, but not to localhost. So using INADDR_ANY would be rejected.
>
> No.
>
>> My understanding is that firewalls block network traffic, not system
>> calls.
>
> This is correct. Firewalls (real firewalls) can only act on incoming
> and outgoing traffic on the IP level.
That's true for hardware firewalls (those found in a router, by example).
They can at most analyze traffic at the application layer but have no idea
of the applications (processes) behind.
A "software firewall" may react not just to traffic but to *who* is doing
that; it may block *processes* when they try to bind/listen to any port,
even before any packet is sent or received. See
http://www.securityfocus.com/infocus/1839
(One may argue whether those are *real* firewalls or not, but that's their
common name...)
(Also note that I'm far for being an expert on these topics)
--
Gabriel Genellina
More information about the Python-list
mailing list