From owner-freebsd-questions Wed Jul 29 13:16:50 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA17866 for freebsd-questions-outgoing; Wed, 29 Jul 1998 13:16:50 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from floyd.stone.com (stone.swcp.com [198.59.115.208] (may be forged)) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA17860 for ; Wed, 29 Jul 1998 13:16:46 -0700 (PDT) (envelope-from andrew@floyd.stone.com) Received: from hog (hog.stone.com [192.54.108.6]) by floyd.stone.com (8.8.8/8.8.7) with SMTP id OAA00513 for ; Wed, 29 Jul 1998 14:15:53 -0600 (MDT) Message-Id: <199807292015.OAA00513@floyd.stone.com> To: freebsd-questions@FreeBSD.ORG Subject: sysctl -w net.inet.udp.log_in_vain=1 causes spurious messages Date: Wed, 29 Jul 98 14:17:00 -0600 From: Andrew Stone Reply-To: andrew@stone.com mime-version: 1.0 (Apple Message framework Titan v82) content-type: multipart/alternative; boundary=Apple-Mail-659827788-13 content-transfer-encoding: 7bit received: by Apple.Mailer (2.82) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --Apple-Mail-659827788-13 content-type: text/plain; charset=us-ascii content-transfer-encoding: quoted-printable (I'm not on this mailing list, so please reply to me, and I'll = summarize, thanks!) While beefing up the security of our freeBSD gateway, I call these = sysctl's from rc.local: sysctl -w net.inet.tcp.log_in_vain=3D1 sysctl -w net.inet.udp.log_in_vain=3D1 sysctl -w kern.securelevel=3D2 The kernel logs messages like the following, which, since it's from the = gateway to the gateway, make no sense and just add noise: (note 53 is the DNS port, which we allow with ipfw, but these are being = logged by the kernel, the IP address is the local gateway IP address) Connection attempt to UDP 198.111.108.100:1027 from 198.111.108.100:53 Connection attempt to UDP 198.111.108.100:1029 from 198.111.108.100:53 Connection attempt to UDP 198.111.108.100:1031 from 198.111.108.100:53 Connection attempt to UDP 198.111.108.100:1114 from 198.111.108.100:53 Anyway to stop these? I looked online but found nothing. Thanks! Andrew Stone (andrew@stone.com) --Apple-Mail-659827788-13 content-type: text/enriched; charset=us-ascii content-transfer-encoding: quoted-printable (I'm not on this mailing list, so please reply to me, and I'll = summarize, thanks!) While beefing up the security of our freeBSD gateway, I call these = sysctl's from rc.local: sysctl -w net.inet.tcp.log_in_vain=3D1 sysctl -w net.inet.udp.log_in_vain=3D1 sysctl -w kern.securelevel=3D2 The kernel logs messages like the following, which, since it's from the = gateway to the gateway, make no sense and just add noise: (note 53 is the DNS port, which we allow with ipfw, but these are being = logged by the kernel, the IP address is the local gateway IP address) Connection attempt to UDP 198.111.108.100:1027 from = 198.111.108.100:53 Connection attempt to UDP 198.111.108.100:1029 from 198.111.108.100:53 Connection attempt to UDP 198.111.108.100:1031 from 198.111.108.100:53 Connection attempt to UDP 198.111.108.100:1114 from = 198.111.108.100:53 Anyway to stop these? I looked online but found nothing. Thanks! Andrew Stone (andrew@stone.com) --Apple-Mail-659827788-13-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message