Date: Sat, 17 May 2008 16:33:20 +0200 From: =?ISO-8859-1?Q?Johan_Str=F6m?= <johan@stromnet.se> To: freebsd-net@freebsd.org, freebsd-stable@freebsd.org Subject: connect(): Operation not permitted Message-ID: <678A03F5-5E8A-4CF6-90DF-AA9A4F30FBE1@stromnet.se>
next in thread | raw e-mail | index | archive | help
Hello I got a FreeBSD 7 machine running mail services (among other things). =20= This machine recently replaced a FreeBSD 6.2 machine doing the same =20 tasks. Now and then I need to send alot of mail to customers (mailing list), =20= and one thing i've noticed now after the change is that when I use a =20 lot of connections subsequently (high connection rate, even if they =20 are very shortlived) inside a jail (dunno if that has anything to do =20 with it though), I start to get Operation not permitted in return to =20 connect(). I've seen this in the PHP app that sends mail, when it tried to =20 connect to localhost, as well as from postfix when it have been trying =20= to connect to amavisd on localhost, but also from postfix when it has =20= tried to connect to remote SMTP servers. I do have PF for filtering, but there are no max-src-conn-rate limits =20= enabled for any rules that is used for this. However, from one of the =20= jail I do have a hfsc queue limiting the outgoing mail traffic from =20 one jailed IP. But I'm not sure that this would be the problem, since =20= I've also seen the problem when doing localhost connects in the jail, =20= and also in other jails on an entierly different IP that is not =20 affected. Does anyone have any clues about what I can look at and tune to fix =20 this? Thanks! -- Johan Str=F6m Stromnet johan@stromnet.se http://www.stromnet.se/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?678A03F5-5E8A-4CF6-90DF-AA9A4F30FBE1>