From owner-freebsd-questions@FreeBSD.ORG Tue Jan 20 21:41:34 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 64F6A16A4CE for ; Tue, 20 Jan 2004 21:41:34 -0800 (PST) Received: from mailhost.schluting.com (cheshire.cat.pdx.edu [131.252.214.57]) by mx1.FreeBSD.org (Postfix) with ESMTP id 515C643D48 for ; Tue, 20 Jan 2004 21:41:32 -0800 (PST) (envelope-from charlie@schluting.com) Received: from localhost (localhost [127.0.0.1]) by mailhost.schluting.com (Postfix) with ESMTP id 0013C2213 for ; Tue, 20 Jan 2004 21:41:31 -0800 (PST) Received: from by localhost (amavisd-new, port ) id g3M0x413 for ; Tue, 20 Jan 2004 21:41:28 -0800 (PST) Received: from schluting.com (c-24-20-163-50.client.comcast.net [24.20.163.50]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mailhost.schluting.com (Postfix) with ESMTP id DBFE320F3 for ; Tue, 20 Jan 2004 21:41:26 -0800 (PST) Message-ID: <400E1113.5020806@schluting.com> Date: Tue, 20 Jan 2004 21:41:39 -0800 From: Charlie Schluting User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5) Gecko/20031013 Thunderbird/0.3 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <200401201537.KAA16833502@shell.TheWorld.com> In-Reply-To: <200401201537.KAA16833502@shell.TheWorld.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by your mom at schluting.com Subject: Re: DNS access on private (RFC 1918) network X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jan 2004 05:41:34 -0000 Kenneth W Cochran wrote: > Hello: > > I get messages like the following in my syslog all the time: > > Jan 20 09:00:40 localhost /kernel: Connection attempt to > UDP 192.168.0.1:1990 from 192.168.0.1:53 > Jan 20 09:02:48 localhost /kernel: Connection attempt to > UDP 192.168.0.1:2052 from 192.168.0.1:53 WOW! Someone else with this problem! Its doing this because you're logging connection attempts to ports that aren't listening. I don't know why the attempts happens. I get hundreds of these a day: Connection attempt to UDP 127.0.0.1:50675 from 127.0.0.1:53 Connection attempt to UDP 127.0.0.1:54731 from 127.0.0.1:53 Connection attempt to UDP 127.0.0.1:54730 from 127.0.0.1:53 Connection attempt to UDP 127.0.0.1:54807 from 127.0.0.1:53 Strangely enough, mine are all to -> from locahost. Possibly because this box has a real address? net.inet.udp.log_in_vain: 1 Whomever solves this one is my hero for life ;) I think its a feature. -Charlie