From owner-freebsd-questions@FreeBSD.ORG  Thu Oct 18 16:41:25 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 812C516A41A
	for <freebsd-questions@freebsd.org>;
	Thu, 18 Oct 2007 16:41:25 +0000 (UTC)
	(envelope-from nvass@teledomenet.gr)
Received: from smtp.teledomenet.gr (smtp.teledomenet.gr [213.142.128.2])
	by mx1.freebsd.org (Postfix) with ESMTP id 382C813C459
	for <freebsd-questions@freebsd.org>;
	Thu, 18 Oct 2007 16:41:25 +0000 (UTC)
	(envelope-from nvass@teledomenet.gr)
Received: by smtp.teledomenet.gr (Postfix, from userid 58)
	id 25882142365; Thu, 18 Oct 2007 19:41:24 +0300 (EEST)
X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on smtp.teledomenet.gr
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham
	version=3.2.3
Received: from iris (unknown [192.168.1.71])
	by smtp.teledomenet.gr (Postfix) with ESMTP id 7F9161420DF;
	Thu, 18 Oct 2007 19:41:20 +0300 (EEST)
From: Nikos Vassiliadis <nvass@teledomenet.gr>
To: freebsd-questions@freebsd.org
Date: Thu, 18 Oct 2007 19:36:27 +0300
User-Agent: KMail/1.9.7
References: <17838240D9A5544AAA5FF95F8D5203160297F7B3@ad-exh01.adhost.lan>
	<200710181829.48220.nvass@teledomenet.gr>
	<17838240D9A5544AAA5FF95F8D5203160297F7BC@ad-exh01.adhost.lan>
In-Reply-To: <17838240D9A5544AAA5FF95F8D5203160297F7BC@ad-exh01.adhost.lan>
X-NCC-RegID: gr.telehouse
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200710181936.29157.nvass@teledomenet.gr>
Cc: "Michael K. Smith - Adhost" <mksmith@adhost.com>
Subject: Re: Odd PF Denied Message
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Oct 2007 16:41:25 -0000

On Thursday 18 October 2007 18:39:56 Michael K. Smith - Adhost wrote:
> Thank you for the clue!  We are using log in vain as part of our
> security logging for this particular box, but this is the only message
> I've ever seen so I'm not sure it's really needed.

It must be a local program trying to connect to ident.
Probably nothing to worry about. I would check which is
this program though. If that's the only message you get
you must be protected, at least packet_filtering-wise.

I think log_in_vain can be used when configuring a firewall.
Just to see quickly if your firewall works as expected and
then turn it off. Otherwise it is just going to create tons
of irrelevant log messages.

Nikos