From owner-freebsd-ports  Mon Feb 17 19:36:28 2003
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id BD4B237B401; Mon, 17 Feb 2003 19:36:26 -0800 (PST)
Received: from agena.meridian-enviro.com (thunder.meridian-enviro.com [207.109.234.227])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 9313D43F93; Mon, 17 Feb 2003 19:36:25 -0800 (PST)
	(envelope-from rand@meridian-enviro.com)
Received: from bemidji.meridian-enviro.com (bemidji.meridian-enviro.com [192.168.0.10])
	by agena.meridian-enviro.com (8.11.6/8.11.6) with ESMTP id h1I3Zrf81752;
	Mon, 17 Feb 2003 21:35:53 -0600 (CST)
	(envelope-from rand@meridian-enviro.com)
Date: Mon, 17 Feb 2003 21:35:49 -0600
Message-ID: <871y26p8fe.wl@bemidji.meridian-enviro.com>
From: "Douglas K. Rand" <rand@meridian-enviro.com>
To: Kris Kennaway <kris@obsecurity.org>
Cc: freebsd-security@FreeBSD.ORG, freebsd-ports@FreeBSD.ORG
Subject: Re: FireDNS and net.inet.udp.log_in_vain
In-Reply-To: <20030218032338.GA32867@rot13.obsecurity.org>
References: <873cmmpc16.wl@bemidji.meridian-enviro.com>
	<20030218032338.GA32867@rot13.obsecurity.org>
User-Agent: Wanderlust/2.10.0 (Venus) SEMI/1.14.5 (Awara-Onsen) FLIM/1.14.5 (Demachiyanagi) APEL/10.4 MULE XEmacs/21.1 (patch 14) (Cuyahoga Valley) (i386--freebsd)
X-Face: $L%T~#'9fAQ])o]A][d7EH`V;"_;2K;TEPQB=v]rDf_2s%<d5}=?&`PeE)<@]
        fT6ejN-VVK,Fej'k6570?"R$}bLKm84G-S?"!F8vaZ*8h}mM;@Xs%\I@8p8Rc
MIME-Version: 1.0 (generated by SEMI 1.14.5 - "Awara-Onsen")
Content-Type: text/plain; charset=US-ASCII
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-ports.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-ports>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-ports>
X-Loop: FreeBSD.org

Doug> Has anybody else noticed this, and is there a solution other
Doug> than "Ignore those log messages" or "Unset
Doug> net.inet.udp.log_in_vain"? (Both of these solutions /are/ fairly
Doug> reasonable.)

Kris> log_in_vain means "log all connection attempts".  And that's
Kris> precisely what it's doing :-) Turn it off or filter it if you
Kris> don't actually want to see ALL connection attempts.

I hate to be contrary, but.... Thats not what /etc/defaults/rc.conf
says:

   log_in_vain="0"                 # >=1 to log connects to ports w/o listeners.

And that isn't what happens, either. When I ssh into the box, I don't
get message, when NTP stuff happens, no log messages. It really only
seems to be when a connection happens to a port not listening:

$ telnet localhost 25
works, connects to the SMTP server with out a message


$ telnet localhost 250
doesn't work, but produces a "Connection attemp" message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message