Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 29 Jul 98 14:17:00 -0600
From:      Andrew Stone <andrew@stone.com>
To:        freebsd-questions@FreeBSD.ORG
Subject:   sysctl -w net.inet.udp.log_in_vain=1 causes spurious messages
Message-ID:  <199807292015.OAA00513@floyd.stone.com>
next in thread | raw e-mail | index | archive | help 

[-- Attachment #1 --]
(I'm not on this mailing list, so please reply to me, and I'll summarize, thanks!)

While beefing up the security of our freeBSD gateway, I call these sysctl's from rc.local:

sysctl -w net.inet.tcp.log_in_vain=1
sysctl -w net.inet.udp.log_in_vain=1
sysctl -w kern.securelevel=2


The kernel logs messages like the following, which, since it's from the gateway to the gateway, make no sense and just add noise:
(note 53 is the DNS port, which we allow with ipfw, but these are being logged by the kernel, the IP address is the local gateway IP address)

Connection attempt to UDP 198.111.108.100:1027 from 198.111.108.100:53
Connection attempt to UDP 198.111.108.100:1029 from 198.111.108.100:53
Connection attempt to UDP 198.111.108.100:1031 from 198.111.108.100:53
Connection attempt to UDP 198.111.108.100:1114 from 198.111.108.100:53

Anyway to stop these? I looked online but found nothing.

Thanks!

Andrew Stone (andrew@stone.com)


[-- Attachment #2 --]
(I'm not on this mailing list, so please reply to me, and I'll summarize, thanks!)


While beefing up the security of our freeBSD gateway, I call these sysctl's from rc.local:


sysctl -w net.inet.tcp.log_in_vain=1

sysctl -w net.inet.udp.log_in_vain=1

sysctl -w kern.securelevel=2



The kernel logs messages like the following, which, since it's from the gateway to the gateway, make no sense and just add noise:

(note 53 is the DNS port, which we allow with ipfw, but these are being logged by the kernel, the IP address is the local gateway IP address)


<fixed><smaller>Connection attempt to UDP 198.111.108.100:1027 from 198.111.108.100:53

Connection attempt to UDP 198.111.108.100:1029 from 198.111.108.100:53

Connection attempt to UDP 198.111.108.100:1031 from 198.111.108.100:53

Connection attempt to UDP 198.111.108.100:1114 from 198.111.108.100:53</smaller></fixed>


Anyway to stop these? I looked online but found nothing.


Thanks!


Andrew Stone (andrew@stone.com)

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807292015.OAA00513>