Date: Thu, 10 Aug 2000 09:45:02 +1000 From: Gregory Bond <gnb@itga.com.au> To: Doug White <dwhite@resnet.uoregon.edu> Cc: Brad Knowles <blk@skynet.be>, FreeBSD-STABLE Mailing List <freebsd-stable@FreeBSD.ORG> Subject: Re: Weird responses to queso on broadcast address... Message-ID: <200008092345.JAA16416@lightning.itga.com.au> In-Reply-To: Your message of Wed, 09 Aug 2000 12:22:57 -0700.
next in thread | raw e-mail | index | archive | help
> You probably have the sysctl 'net.inet.tcp.log_in_vain' enabled so it logs > any connection attempts to nonexistent ports. I have this as well, and I get some very funny results. From our web cache, I get lots of messages like Aug 9 16:09:46 proxy /kernel: Connection attempt to TCP 202.53.40.211:3098 from 216.111.248.10:80 But at the same time, in the squid access log, the cache is making a connection to that IP/port to retrieve a web page. Similarly, I see lots of log_in_vain messages like this: Aug 9 16:21:02 ns /kernel: Connection attempt to UDP 192.168.128.49:3672 from 192.168.128.49:53 (i.e. named talking to another process on the same host). Something is very weird with the log_in_vain code (or, more seriously, the underlying IP stack) and, now that I have the proxy server up to 4.1-Stable, I'll attempt to investigate. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200008092345.JAA16416>