Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Message-ID: <42B41CCC.9D7D70A7@dessent.net> Date: Sat, 18 Jun 2005 06:08:28 -0700 From: Brian Dessent MIME-Version: 1.0 To: cygwin AT cygwin DOT com Subject: Re: Cygwin and firewalls References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Report: -5.8/5.0 ---- Start SpamAssassin results * -3.3 ALL_TRUSTED Did not pass through any untrusted hosts * -2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1% * [score: 0.0000] * 0.0 AWL AWL: From: address is in the auto white-list ---- End SpamAssassin results X-IsSubscribed: yes Reply-To: cygwin AT cygwin DOT com Andrew Schulman wrote: > Why is this a Cygwin question? A firewall is a firewall. Network > applications, both Cygwin and non-Cygwin, have to deal with it. I don't > know what a Cygwin-hostile firewall would look like. Cygwin uses sockets to implement many of its functions, such as IPC. Some overzealous firewalls install themselves deeply into the winsock stack (I believe it's called 'layered service provider' API) and install hooks throughout. This can cause things to break if the firewall implementation is not done properly and without bugs, or causes the semantics of socket operations to change. See for example, the threads about crappy VPN clients causing cygwin programs to hang, or the Zonealarm firewall causing the X11 server to hang at startup. Sadly the archives are littered with examples of poorly written firewall-type software that causes things to break, so it's not such a stupid question. Brian -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/