Message104820
The TCP-issues from my post are all resolved. I now know how TCP works; the behaviour of python seems to be correct.
About the imap-behaviour:
me@harga ~$ python
Python 2.5.5 (r255:77872, Apr 21 2010, 08:40:04)
[GCC 4.4.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import imaplib
>>> c = imaplib.IMAP4_SSL("post.in.tum.de")
>>> c.login("toelke", "XXX")
('OK', ['LOGIN Ok.'])
>>> c.logout()
('BYE', ['Courier-IMAP server shutting down'])
>>> <C-d>
me@harga ~$
At the time of the logout() the server closes his connection and sends a FIN-packet. If python is closed, it sends not a FIN-Packet but a RST-paket.
The "problem" I have with this is, that the Linux-Packetfilter-Firewall does not expect this RST-Packet either and in out configuration logs this as a connection in the wrong state which is generally a security-problem.
Our workaround for the last year has been
iptables -A OUTPUT -p tcp --tcp-flags ACK,RST ACK,RST -d 131.159.22.43 -j DROP
Thanks for the help! |
|
Date |
User |
Action |
Args |
2010-05-03 07:28:44 | toelke | set | recipients:
+ toelke, pitrou, giampaolo.rodola |
2010-05-03 07:28:44 | toelke | set | messageid: <1272871724.24.0.987133704432.issue5565@psf.upfronthosting.co.za> |
2010-05-03 07:28:42 | toelke | link | issue5565 messages |
2010-05-03 07:28:40 | toelke | create | |
|