Date: Fri, 15 Feb 2002 09:30:21 +1100 From: Andrew Reilly <areilly@bigpond.net.au> To: bugs@bugs.au.freebsd.org, freebsd-questions@freebsd.org Subject: Curly DNS protocol/implementation question Message-ID: <20020215093021.C79293@gurney.lake>
next in thread | raw e-mail | index | archive | help
Hi all, I found the "log_in_vain" rc.conf knob a week or so ago, and thought that it would be neat to turn on: something else to distract me in my nightly security check. I've noticed two interesting things: something (fetchmail, probably) attempts to send me mail on what I guess to be a local IPv6 address "::0001:25" every five minutes. My mail server is qmail, so I'd guess that it's not listening on IPv6. I'll check the fetchmail doco to see if I can force it to use IPv4. Or perhaps find an IPv6 knob on qmail. The interesting bit though, is that every so often (or perhaps it happens every time?) I get a log for a UDP connection from one of my name servers (both the ISP and the server on my office LAN) from port 53 to some almost monotonically increasing local port number. Now "log_in_vain" is advertised as logging connection attampts for which there is no listener. Presumably, these are packets sent by the name server _after_ my request has been satisfied and the DNS-requesting client has gone away. Is this an indication of some brokenness in our resolver library (seems unlikely), or some Microsoft-inspired protocol extension/corruption? Or something else? It doesn't appear to be hurting me, but I'd like to know what it's about, if only to think of a way to cut a non-useful log message out of the report. -- Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020215093021.C79293>