Date: Thu, 6 Jan 2000 14:19:20 +1100 From: aunty <aunty@comcen.com.au> To: Greg Lehey <grog@lemis.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Strange UDP messages Message-ID: <20000106141919.E22061@comcen.com.au> In-Reply-To: <20000106122321.P30038@freebie.lemis.com> References: <20000106104533.A22061@comcen.com.au> <20000106114917.L30038@freebie.lemis.com> <20000106124145.D22061@comcen.com.au> <20000106122321.P30038@freebie.lemis.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jan 06, 2000 at 12:23:21PM +1030, Greg Lehey wrote:
> On Thursday, 6 January 2000 at 12:41:45 +1100, aunty wrote:
> > On Thu, Jan 06, 2000 at 11:49:17AM +1030, Greg Lehey wrote:
> >> On Thursday, 6 January 2000 at 10:45:33 +1100, aunty wrote:
> >>> Any idea where to start looking for the cause of these?
> >>
> >> /etc/services.
> >
> > Hmm, I should have mentioned I'd checked the ports there and was stumped.
> >
> >>> Jan 6 10:36:08 hostname /kernel: Connection attempt to UDP 127.0.0.1:512 from 127.0.0.1:4553
> >>
> >> biff 512/udp comsat #used by mail system to notify users
> >> # of new mail received; currently
> >> # receives messages only from
> >> # processes on the same machine
> >
> > OK, so it's biff. Now how do I stop it, or see what it's coming from,
> > or see any other evidence of it at all?
>
> Good question. Are you using sendmail?
Yep.
> Or maybe it's mail.local that's doing this.
BuggeredifIknow.
> > And why didn't it happen before the machine mysteriously rebooted
> > itself this morning? (This is 3.3-RELEASE with comsat disabled in
> > /etc/inetd.conf)
>
> Well, that's the reason. Disable comsat, and you won't be able to
> connect.
But hey, I _don't_want_ to connect to comsat. I'm not trying to. What is?
There was nobody logged in.
>
> >>> Jan 6 10:36:21 hostname /kernel: Connection attempt to UDP 127.0.0.1:4261 from 127.0.0.1:53
> >>
> >> domain 53/udp #Domain Name Server
> >>
> >> It's not really clear to me why your name server should want to
> >> contact your local host, but maybe there's something in your config
> >> which could explain that.
> >
> > Again, I can't see evidence in the logs of this happening before this
> > morning's reboot. I did have 'nameserver 127.0.0.1' in
> > /etc/resolv.conf. Removing that line and sending a SIGHUP to named
> > didn't affect the error messages.
>
> No, this is named trying to contact your system. Again, I'm puzzled
> as to why.
That makes two of us.
> On the whole, this is pretty harmless stuff; about the
> biggest problem is that you might fill up your log file.
Actually the biggest problem is that it makes a mess of root's console,
but I can fix that :-)
> You should be able to turn these messages off with
>
> # sysctl -w net.inet.tcp.log_in_vain=0
One for my notes, thanks.
--
Regards,
-*Sue*-
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000106141919.E22061>