Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am flummoxed. I run this script when I want to block my Internet connection:
#!/bin/bash
iptables -F
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
Everything stops. I can't check my email, I can't ping any address at all and I can't open any site... except Facebook. Facebook keeps opening as if noothing had happened. The Messenger won't work, but all other pages still open, even pages I don't think I ever opened before so they can't be cached.
Or can they? I just tested it here, on linuxquestions, and I can open and read threads I had never opened until now. Many of them. Does Firefox read all those posts and cache them preemptively?
I am posting this with firewall blocked. Let's see if it goes through...
iptables -F should reset everything before the instructions to block it all.
No one here can know, only you are sitting at the machine...
If you do iptables -F followed shortly by iptables -L, without opening anything else in between, does it flush all and remain flushed? Does it remain clear if you do nothing else? If so, do one thing at a time until it changes to try to find out what is changing it.
A little late to the game but Facebook is a web site. ALL web traffic is stateless and there are no connections between client and web server other than those initiated by the client. Immediately after a request from the client, the server responds and that's it for the traffic. Facebook, or any web site for that matter, cannot initiate a connection to anyone.
Unless I misunderstood OPs post title...in which case "nevermind"
Distribution: openSUSE, Raspbian, Slackware. Previous: MacOS, Red Hat, Coherent, Consensys SVR4.2, Tru64, Solaris
Posts: 2,803
Rep:
Quote:
Originally Posted by lucmove
I am flummoxed. I run this script when I want to block my Internet connection:
#!/bin/bash
iptables -F
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
Everything stops. I can't check my email, I can't ping any address at all and I can't open any site... except Facebook. Facebook keeps opening as if noothing had happened. The Messenger won't work, but all other pages still open, even pages I don't think I ever opened before so they can't be cached.
Or can they? I just tested it here, on linuxquestions, and I can open and read threads I had never opened until now. Many of them. Does Firefox read all those posts and cache them preemptively?
I am posting this with firewall blocked. Let's see if it goes through...
How is the system that you're seeing FB pages on communicating with the Internet? If your Linux firewall is locked down as you've shown, you have a wifi router on the "clean" side of the firewall, and you're connecting to the internet through that "internal" wifi, then you do indeed have a mystery. If, on the other hand, you're using a laptop that's connecting to the wifi provided by your ISP-provided router, the firewall settings mean nothing---you're bypassing them. Are you certain this isn't the case?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.