But they're not, apparently. Those of us running firewalls are denied.
So that tells me that FR must forward the IP addresses of the requester to rfny.us, and those of us who have our outgoing IP addresses blocked by our firewalls are disapproved.
John, is "IP forwarding" enabled on the FR servers, and if so, why?
Does anybody have any idea if I know what the heck I am talking about, 'cause I sure don't.
I have Linux and I can see some of what's going on here, since my firewall logs incoming requests.
Whatever server is hosting those pictures (126.96.36.199) is requesting a connection to any machine requesting the pictures, and trying to open a port in the 328xx range (32807, 32816, etc. etc.).
I've seen this before - I don't recall seeing it with Windoze, but it's happened more frequently with Linux. Usually, I just bag it and don't look at the site, but this time I opened access to the 188.8.131.52 server to look at a couple of them (guess which ones...), and then turned it off again (the Linux firewall allows you to enable and disable any service to and from any port for any specific machine to which you're "talking").
I *think* (haven't thoroughly infestigated it; I have many more important computer issues to get paranoid about at the moment) that in most cases what it is, is the machine to which you're trying to connect is trying to do a reverse DNS lookup on your machine. Most sites don't do that, but some (probably an increasing number) do - what they're trying to do is to force your machine to identify itself in case you're trying to send "Spam" into their server, before they'll let you look at the babe in the gold dress. However, if you have services running on your machine which talk on the port to which their machine manages to connect, it *could* be a penetration attempt.
Because this is just a photo hosting site, and because Linux is far less likely to be the subject of a successful probe by hackers, (*most* of the exploits out there target Gatesware), and because I can turn on access on a port-by-port basis, and because I shut the access of as soon as I got a look at the babe in the gold dress (Nice bod but too much makeup for my barbarian tastes) (sorry, but you all have REALLY asked for it), I was willing to drop my ah... "Guard" in this case.
People with Windoze firewalls might experience various things, depending on their firewall (and I DON'T know how Gatesware plays with the third-party firewalls, so all I can do is guess, but...). If you've got your browser set up to act as a server, it might be doing the reverse DNS on request and sending out your Social Security Number and bank account and voting record, without your even knowing it (I hope I'm exaggerating). Or, your browser/firewall might be denying the reverse DNS (or whatever) request, so you end up having to take down your firewall in order to ogle the cute babe in the gold dress. I hate even speculating about Windoze; it's junk.
I'm not a computer expert, I'm just a paranoid redneck thug. My eventual intention is to figure out how to set up a server on my Linux system to "spoof" the reverse DNS lookups and any other service requests and, rather than just denying them, feed them a pack of lies in order to infuriate and frustrate whatever sniveling leftist compugeek on the other end who thinks he's cute...