Firewalls: Incoming TCP Packet with Port 80 ??

Firewalls
(November 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Incoming TCP Packet with Port 80 ??
From:	"Stephane Scherrer" <sscherrer @ cits . com>
Date:	Fri, 15 Nov 1996 10:35:09 +0100
To:	<firewalls @ GreatCircle . COM>

Hi,
I'm currently rewriting new rules on our Firewall and was wondering if
anyone here could answer my questions :
  Our Firewall is running an HTTP Proxy on port 8080. Thus, to allow access
to Web servers on the Internet from the inside of our Network, I wrote down
some new rules. Two of them were designed for the connection between our
Firewall and any Web Server on the Internet :

    FW (Port >=1024) ------- TCP ----->  Web Server (Port = 80)
    FW (Port >=1024) <---- TCP/ACK ----  Web Server (Port = 80)

However, when putting these rules I was surprised to see in the log files
that I received as well this kind of packets from Web Servers :
   FW (Port >=1024) <------- TCP ------  Web Server (Port = 80)

Shouldn't it be a TCP/ACK ? 
Why are the Web Servers sending me these packets ?
Should I allow them ? (currently they are blocked at the Firewall, and
everything is working fine...!!)

If anyone could clarify  this for me ...

Thanks in advance.
Stephane Scherrer ( sscherrer @
 cits .
 com )
**********************************************

Indexed By Date	Previous:	PC Death From: peter . maersk-moller @ jrc . it (Peter Maersk-Moller)
Indexed By Date	Next:	Who is the NCSA? From: Dave Horsfall <dave @ fgh . oz . au>
Indexed By Thread	Previous:	Re[2]: Microwave & Satelite From: Thutchens @ framatech . com
Indexed By Thread	Next:	RE:Incoming TCP Packet with Port 80 ?? From: arager @ mcgraw-hill . com