The firewall has blocked routed traffic

So, I’ve had Zonealarm since not too long ago and I was getting messages like "has blocked access from X to your computer which seemed ok for the most part except on some ocassions it was clearly blocking stuff it should not block as it came from a copmputer I was communicating with but that’s ok… anyhow…

I’ve had ADSL for the last couple of days and now I am getting a new type of message: “the firewall has blocked routed traffic from site X (TCP port 515) to site Y …” I feel like I should call site Y and say “hey, I got a packet here addressed to you but I don’t know what to do with it!”

I am not much concerned but it got me thinking… The Internet works by servers relaying packets to one another so it makes sense they might want to pass something to me… except I can only send it back the way it came so it makes no sense.

And so, I realise I really haven’t a clue about how the Net works. My first assumption is servers must have multiple paths interconnecting them? Are all servers like that or only certain routers? I mean, do all servers do all sorts of stuff, including relay traffic and their own business? Or are there servers which just deal with moving traffic and then people like me who mind their own business? If so, how are they distinguishable? Or are packets just sent around wildly in the hope that some may arrive.

Can someone in the know give me a summary of a simplified explanation of how the Net works?

Well, none of us really know how it works.

Simple answer: Packets get sent from you machine to it’s default router, set by your ISP. That router then contacts other routers, or has a table of routers, to find the next hop to it’s destination. Its passed on, and the process goes from there, until it gets to where it’s going. This is waaaay oversimplified, and leaves out routing technologies and such.

You should never get any traffic like that, since the router of your ISP should know not to send this stuff downstream.

>> You should never get any traffic like that

That’s what I thought… OTOH I should also pay more attention because it turns many of the packets are addressed to my machine IP number. After some tinkering I found out it is Outlook Express trying to get email and ZA blocking it. So why is ZoneAlarm blocking them and should it be blocking them? If I downgrade the security level to medium this does not happen but why would it do it even in “high”?

I think I know what is happening: For a couple of days now I have had ADSL and somehow ZoneAlarm is blocking packets it should not be blocking because it does not recognise them as directed to and requested by my machine… or something like that.

Can anyone tell me what settings I should change?

The first thing I’ll check is the “program” settings for Outlook Express. Has it been trying to act as a server? Do you have problems with other Net-related activities such as surfing the Web?

Well, I am guessing ZA just does not know I have installed ADSL so I have removed it and reinstalled it… let’s see if that makes any difference one way or another…