From: Michael Mol
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] IPTABLES syntax change?
Date: Fri, 4 Jan 2013 15:27:59 -0500
In-Reply-To: <20130104201702.GA16813@waltdnes.org>

On Fri, Jan 4, 2013 at 3:17 PM, Walter Dnes wrote:
> On Wed, Jan 02, 2013 at 11:32:58PM -0500, Michael Orlitzky wrote
>> On 12/30/2012 10:21 PM, Walter Dnes wrote:
>> > [0:0] -A FECESBOOK -j LOG --log-prefix "FECESBOOK:" --log-level 6
>> > [0:0] -A FECESBOOK -j DROP
>> > [0:0] -A INPUT -s 192.168.123.248/29 -i eth0 -j ACCEPT
>> > [0:0] -A INPUT -s 169.254.0.0/16 -i eth0 -j ACCEPT
>> > [0:0] -A INPUT -i lo -j ACCEPT
>> > [0:0] -A INPUT -m conntrack --ctstate INVALID,NEW -j UNSOLICITED
>>
>> In fact, since you're blocking all outgoing packets to facebook, the
>> only state that a packet from facebook can have here is INVALID or NEW.
>> So traffic from facebook will be sent to the UNSOLICITED chain and DROPped.
>>
>>
>> > [0:0] -A INPUT -s 69.63.176.0/20 -j FECESBOOK
>> > [0:0] -A INPUT -s 69.220.144.0/20 -j FECESBOOK
>> > [0:0] -A INPUT -s 69.63.176.0/20 -j FECESBOOK
>> > [0:0] -A INPUT -s 69.171.224.0/19 -j FECESBOOK
>> > [0:0] -A INPUT -s 200.58.112.0/20 -j FECESBOOK
>> > [0:0] -A INPUT -s 213.155.64.0/19 -j FECESBOOK
>>
>> ...making these pointless =)
>
>
> I've run into at least one newspaper website (I forget which,
> it's occasionally used for links on Slashdot) which ends up trying to
> redirect me to a Facebook site even though the URL does not mention
> Facebook at all. There is other integration as well. See the first
> post in
> http://www.dslreports.com/forum/r26618459-Increasing-integration-of-facebook-into-many-web-sites
> I believe this may have been straightened out since then, but 13 months
> ago that post was correct. And then there's the "LIKE" button which
> shows up all over the web.
>
> The mere fact that you haven't manually typed in...
> http://www.facebook.com/blah_blah_blah does not mean you're not
> connecting to it.

But all that's above layer 3, since it's an HTTP redirect, or a page
transclusion which necessitates a new GET request. Michael's point
stands.

--
:wq
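
The rule-ordering point discussed in this thread, as an added example that is not part of the original messages: a first-match walk in Python over the quoted INPUT rules, showing which rule a packet from one of the listed ranges reaches for each conntrack state. The source address 69.63.176.10 and the interface name eth1 are constructed samples, and the UNSOLICITED chain (not shown in the thread) is assumed to end in DROP.

```python
import ipaddress
import shlex

# INPUT rules as quoted in the thread (iptables-save counters stripped).
RULES = """\
-A INPUT -s 192.168.123.248/29 -i eth0 -j ACCEPT
-A INPUT -s 169.254.0.0/16 -i eth0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID,NEW -j UNSOLICITED
-A INPUT -s 69.63.176.0/20 -j FECESBOOK
-A INPUT -s 69.220.144.0/20 -j FECESBOOK
-A INPUT -s 69.63.176.0/20 -j FECESBOOK
-A INPUT -s 69.171.224.0/19 -j FECESBOOK
-A INPUT -s 200.58.112.0/20 -j FECESBOOK
-A INPUT -s 213.155.64.0/19 -j FECESBOOK
"""

def parse(line):
    """Parse one '-A INPUT ...' line; every option used above takes one argument."""
    tok = shlex.split(line)
    opts = dict(zip(tok[2::2], tok[3::2]))  # option/value pairs after "-A INPUT"
    return {
        "src": ipaddress.ip_network(opts["-s"]) if "-s" in opts else None,
        "iface": opts.get("-i"),
        "states": set(opts["--ctstate"].split(",")) if "--ctstate" in opts else None,
        "target": opts["-j"],
    }

INPUT = [parse(l) for l in RULES.splitlines()]

def first_match(rules, src, iface, state):
    """Return (index, target) of the first rule that matches the packet.
    Assumption: UNSOLICITED and FECESBOOK both end in DROP, so a jump never returns."""
    addr = ipaddress.ip_address(src)
    for i, r in enumerate(rules):
        if r["src"] is not None and addr not in r["src"]:
            continue
        if r["iface"] is not None and r["iface"] != iface:
            continue
        if r["states"] is not None and state not in r["states"]:
            continue
        return i, r["target"]
    return None, "POLICY"

def verdicts(src="69.63.176.10", iface="eth1"):
    """Target reached per conntrack state; src and iface are constructed samples."""
    return {s: first_match(INPUT, src, iface, s)[1]
            for s in ("NEW", "INVALID", "ESTABLISHED", "RELATED")}
```

NEW and INVALID packets stop at the conntrack rule (index 3) and go to UNSOLICITED; only ESTABLISHED or RELATED packets would ever reach the FECESBOOK source rules.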