
This is just insane.

Everything except WWW is blocked, so everything must pretend to be WWW???!!!

So can anyone explain the purpose of the "source port" and "destination port" fields in the TCP header? :-)



Seems you missed the "big web revolution" between 2000 and now. Corporate/school/uni firewall madness filters everything but http(s), so each and every protocol has to be somehow http(s). That is why there are almost exclusively webmail providers anymore. Why stuff like videoconferencing must be http-based. Why we do everything by emulating better protocols via polling a webserver for xml or json responses.

Yes, it is insane.


By that logic someone has to explain why WireGuard is over UDP and the purpose of the "protocol" field of the IP header :-)

It's called ossification. Same reason why TLS 1.3 has to pretend it's TLS 1.2, and QUIC must be over UDP.


It is insane. But probably some ICMP is allowed too - otherwise TCP tends to break in subtle ways... it is possible to whitelist some/necessary ICMP traffic though.



