From owner-freebsd-questions Sat May 20 18:32:36 2000 Delivered-To: freebsd-questions@freebsd.org Received: from usc.edu (usc.edu [128.125.253.136]) by hub.freebsd.org (Postfix) with ESMTP id 823C737B7EC for ; Sat, 20 May 2000 18:32:33 -0700 (PDT) (envelope-from abdulgha@usc.edu) Received: from scf-fs.usc.edu (root@scf-fs.usc.edu [128.125.253.183]) by usc.edu (8.9.3.1/8.9.3/usc) with ESMTP id SAA28213 for ; Sat, 20 May 2000 18:31:17 -0700 (PDT) Received: from phoenix (phoenix@res-3617.usc.edu [128.125.31.111]) by scf-fs.usc.edu (8.9.3.1/8.9.3/usc) with SMTP id SAA01563 for ; Sat, 20 May 2000 18:31:17 -0700 (PDT) Message-ID: <003b01bfc2c4$4f094790$6f1f7d80@phoenix> Reply-To: "Khairuddin Abdul Ghani" From: "Khairuddin Abdul Ghani" To: Subject: talkd error: [Error on write to talk daemon : Permission denied (13)] Date: Sat, 20 May 2000 18:31:38 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6700 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi everyone! There seems to be an error with my ntalkd recently. Whenever someone would want to 'talk' to someone on localhost, he/she gets the message [No connection yet] [Error on write to talk daemon : Permission denied (13)] and the talk program quits. I checked, and it seems that the following ipfw rule was causing it: 00200 deny ip from any to 127.0.0.0/8 which is weird since that rule is a default from within /etc/rc.firewall. When I remove this rule, I would instead get the following: [No connection yet] [Checking for invitation on caller's machine] [Checking for invitation on caller's machine] . . The thing is, talkd seemed to work fine before. But lately, many other weird things have been happening. An increase in incoming traffic would sometimes cause the box to shutdown most vital internet daemons, plus delete certain lib files like mm (for apache) and tcl. Looks to me like the box has been breached, but I've checked all the advisories and all seem to have been taken care off. Anyhow, I'll paste some of the configuration that might be causing these below, and hopefully there's someone out there who can help! Thanks all. :) Regards, Rudy. ipfw rules: 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 00500 pipe 1 udp from any to any 02000 allow tcp from any to 127.0.0.0/8 3306 02100 deny tcp from any to any 3306 <-- deny remote sql requests. 65000 allow ip from any to any 65535 allow ip from any to any netstat -nr: Internet: Destination Gateway Flags Netif Expire default 216.65.57.1 UGSc fxp0 xxx.25.134 link#1 UC fxp0 => xxx.25.134.1 0:a0:c9:e8:c3:1f UHLW fxp0 1114 xxx.25.134.2 0:90:27:ad:45:5d UHLS lo0 xxx.25.134.3 0:90:27:ad:45:5d UHLS fxp0 . . yyy.65.57 link#1 UC fxp0 => yyy.65.57.1 0:a0:c9:e8:c3:1f UHLW fxp0 1186 yyy.65.57.2 0:90:27:ad:45:5d UHLW lo0 yyy.65.57.3 0:90:27:ad:45:5d UHLS fxp0 . . yyy.65.57.255 ff:ff:ff:ff:ff:ff UHLWb fxp0 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message