sockets without processes
hi,
i am aware that OWNER matching on iptables is still experimental, but
i have a related question, which excited my interest...
my 'postfix' user is allowed to send packets to port 25/tcp of any
system. this seems to work just fine, as mail is delivered, but for
each message my iptables also logs a DROP'd attempt (2 packets) to
send to port 25. i had a look with netstat -lp and found out that just
prior to sending a message as postfix, netstat reports a socket not
owned by a process. so if netstat -lp looks as follows for postfix:
tcp  0  0 *:smtp              *:*             LISTEN      3923/master
telling me that pid 3923 is postfix's master program bound to port
25, then the following two entries, which exist just before an smtp
message is sent
tcp  0  0 192.168.14.6:32884  mailhost:smtp   TIME_WAIT   -
tcp  0  0 192.168.14.6:32885  mailhost:smtp   TIME_WAIT   -
tell me nothing about the process owning them.
i am merely wondering why this is possible...
martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck
-- 
hi! i'm a .signature virus!
copy me into your ~/.signature to help me spread!
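Added example, not code from the post above or from the netfilter project: a small parser for the text format of `netstat -tanp` (the same columns as the lines quoted in the post) that lists the sockets netstat could not attribute to a process and sorts them into "kernel-held" versus "worth a look". TIME_WAIT is a state the kernel keeps for an already-closed connection after the process has released its descriptor, so there is no PID left for netstat to print, and a packet the kernel emits for such a socket carries no user-process socket for an owner match to attribute. The sample input is constructed from the post's own lines plus one ESTABLISHED entry; the PID 4012 and program name "smtp" in that extra line are invented for illustration.

```python
"""List netstat entries that have no owning process.

Added example for the thread above (not the author's code). Parses the
column layout of `netstat -tanp`; sample input is constructed, with the
ESTABLISHED line (pid 4012, program "smtp") made up for illustration.
"""
import re
from collections import Counter

# Constructed sample: the post's LISTEN and TIME_WAIT lines, a header,
# and one invented ESTABLISHED entry that does have an owner.
SAMPLE = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address       Foreign Address    State       PID/Program name
tcp        0      0 *:smtp              *:*                LISTEN      3923/master
tcp        0      0 192.168.14.6:32884  mailhost:smtp      TIME_WAIT   -
tcp        0      0 192.168.14.6:32885  mailhost:smtp      TIME_WAIT   -
tcp        0      0 192.168.14.6:32886  mailhost:smtp      ESTABLISHED 4012/smtp
"""

# One TCP line: proto recv-q send-q local remote state pid/program
LINE_RE = re.compile(
    r"^(?P<proto>tcp6?)\s+(?P<recvq>\d+)\s+(?P<sendq>\d+)\s+"
    r"(?P<local>\S+)\s+(?P<remote>\S+)\s+(?P<state>[A-Z_0-9]+)\s+"
    r"(?P<owner>-|\d+/\S*)\s*$"
)

# States the kernel keeps on its own after close(): no descriptor, no PID.
KERNEL_HELD = {"TIME_WAIT"}


def parse_netstat(text):
    """Return a list of dicts, one per TCP line; headers are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # banner, column header, or a line we do not understand
        d = m.groupdict()
        if d["owner"] == "-":
            d["pid"], d["program"] = None, None
        else:
            pid, _, prog = d["owner"].partition("/")
            d["pid"], d["program"] = int(pid), prog
        entries.append(d)
    return entries


def classify(entry):
    """Verdict for one entry: owned, kernel-held, or unattributed."""
    if entry["pid"] is not None:
        return "owned"
    if entry["state"] in KERNEL_HELD:
        # The process already closed its end; only the kernel's timewait
        # record remains, which is why netstat prints '-' here.
        return "kernel-held"
    # LISTEN/ESTABLISHED with no PID: either netstat ran without the
    # privilege to see the owner, or the socket lives in kernel space.
    return "unattributed"


def unowned(entries):
    """Entries netstat could not tie to a PID."""
    return [e for e in entries if e["pid"] is None]


def unowned_by_state(entries):
    """Count of unowned entries per TCP state."""
    return dict(Counter(e["state"] for e in unowned(entries)))


def report(text):
    """(local, remote, state, verdict) for every parsed line."""
    return [(e["local"], e["remote"], e["state"], classify(e))
            for e in parse_netstat(text)]


if __name__ == "__main__":
    for local, remote, state, verdict in report(SAMPLE):
        print(f"{local:22} {remote:18} {state:12} {verdict}")
    print("unowned by state:", unowned_by_state(parse_netstat(SAMPLE)))
```

Run it against real output with `netstat -tanp | python3 this_script.py`-style piping after swapping SAMPLE for `sys.stdin.read()`; run netstat as root, otherwise every other user's socket also shows up as '-' and the "unattributed" bucket becomes noise. Whether the two dropped packets in the post are the late ACKs the kernel sends from TIME_WAIT is not settled by the post itself; if they are, the usual arrangement is a rule accepting ESTABLISHED/RELATED conntrack state ahead of the owner-matched rule, so that only the first packet of a connection needs a user to be attributed.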