From: Alexander Anderson
Date: Sat, 22 Feb 2003 12:10:54 -0500
To: freebsd-security@FreeBSD.ORG, freebsd-ports@FreeBSD.ORG
Subject: Re: FireDNS and net.inet.udp.log_in_vain
Message-ID: <20030222171054.GA97944@dusty.upful.org>
References: <873cmmpc16.wl@bemidji.meridian-enviro.com> <1045544795.19726.3.camel@sambo.fud.org.nz>
In-Reply-To: <1045544795.19726.3.camel@sambo.fud.org.nz>

> > Connection attempt to UDP : from
> > :53
>
> I believe this is caused when the dns server is slow/overloaded, the
> resolver queries the server but the packet arrives back after the local
> port is closed.

Is there any way to set up a rule in IPFW to drop such packets?

Or, as a workaround, is there a way to set up syslog to ignore these
"connection attempts"?
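Added example, not part of the original message or of FreeBSD: a log filter built on the late-reply explanation quoted above. It separates log_in_vain UDP entries sent from port 53 by a resolver listed in resolv.conf from all other entries, so only the latter need review. The message format is the one quoted in the thread with addresses filled in; the function names, sample addresses and log lines are constructed for illustration.

```python
import re
from collections import Counter

# Kernel message logged when net.inet.udp.log_in_vain=1 (addresses filled in).
LOG_RE = re.compile(r"Connection attempt to UDP ([\d.]+):(\d+) from (?P<src>[\d.]+):(?P<sport>\d+)")

# Constructed sample input (documentation address ranges, not real hosts).
SAMPLE_RESOLV_CONF = "# constructed\nnameserver 192.0.2.53\n"
SAMPLE_LOG = """\
Feb 22 09:01:12 host /kernel: Connection attempt to UDP 198.51.100.10:49152 from 192.0.2.53:53
Feb 22 09:01:40 host /kernel: Connection attempt to UDP 198.51.100.10:137 from 203.0.113.7:1026
Feb 22 09:02:05 host /kernel: Connection attempt to UDP 198.51.100.10:49160 from 203.0.113.99:53
Feb 22 09:02:06 host sshd[311]: unrelated line
"""

def parse_resolvers(resolv_conf_text):
    """Return the nameserver addresses listed in resolv.conf text."""
    resolvers = set()
    for line in resolv_conf_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            resolvers.add(fields[1])
    return resolvers

def classify(line, resolvers):
    """Label one log line; None if it is not a log_in_vain UDP entry."""
    m = LOG_RE.search(line)
    if m is None:
        return None
    if m["sport"] != "53":
        return "other"
    # UDP source fields can be spoofed, so this is "likely", not proof.
    return "likely_late_dns_reply" if m["src"] in resolvers else "port53_unknown_sender"

def triage(log_text, resolv_conf_text):
    """Count entries per label and collect the lines that still need review."""
    resolvers = parse_resolvers(resolv_conf_text)
    counts, review = Counter(), []
    for line in log_text.splitlines():
        label = classify(line, resolvers)
        if label:
            counts[label] += 1
            if label != "likely_late_dns_reply":
                review.append(line)
    return counts, review

if __name__ == "__main__":
    print(triage(SAMPLE_LOG, SAMPLE_RESOLV_CONF))
```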