From owner-freebsd-questions@FreeBSD.ORG Wed Aug 27 05:48:51 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4EC2516A4BF for ; Wed, 27 Aug 2003 05:48:51 -0700 (PDT) Received: from silakka.nettikala.fi (silakka.nettikala.fi [212.182.218.251]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9739243FA3 for ; Wed, 27 Aug 2003 05:48:48 -0700 (PDT) (envelope-from mailing-lists@johanpaul.com) Received: from localhost (localhost.nettikala.fi [127.0.0.1]) by silakka.nettikala.fi (Postfix) with ESMTP id DA4E31327C9; Wed, 27 Aug 2003 15:51:30 +0300 (EEST) Received: from silakka.nettikala.fi ([127.0.0.1]) by localhost (silakka.nettikala.fi [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 20556-03; Wed, 27 Aug 2003 15:51:30 +0300 (EEST) Received: from silakka.nettikala.fi (localhost.nettikala.fi [127.0.0.1]) by silakka.nettikala.fi (Postfix) with SMTP id 4FA8A1327C5; Wed, 27 Aug 2003 15:51:30 +0300 (EEST) Received: from 193.166.135.194 (SquirrelMail authenticated user kypeli) by silakka.nettikala.fi with HTTP; Wed, 27 Aug 2003 15:51:30 +0300 (EEST) Message-ID: <3376.193.166.135.194.1061988690.squirrel@silakka.nettikala.fi> In-Reply-To: <20030827124551.GA56616@ei.bzerk.org> References: <2676.193.166.135.194.1061983372.squirrel@silakka.nettikala.fi> <003601c36c91$2eb13910$2401010a@zone3000.net> <20030827124551.GA56616@ei.bzerk.org> Date: Wed, 27 Aug 2003 15:51:30 +0300 (EEST) From: "Johan Paul" To: "Ruben de Groot" User-Agent: SquirrelMail/1.4.1 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 Importance: Normal X-Virus-Scanned: by amavisd-new at sviitti.com cc: freebsd-questions@freebsd.org Subject: Re: Correct syntax for ipfw to allow local traffic? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Aug 2003 12:48:51 -0000 >> /sbin/ipfw -q add 00001 allow ip from 127.0.0.1 to 127.0.0.1 via lo0 > > This won't help. He allready allows "any to any via lo0". > Anyway, it's not the firewall logging these "Connection attempt to" lines > to /var/log/messages. What happens here is some proces tries to make a > connection on a port where no other proces is listening. There can be many > reasons for this. If you don't want to see these messages anymore put the > line > > net.inet.tcp.log_in_vain=0 > > in /etc/sysctl.conf Aah, thanks!! I thought of this myself too after I noticed that the above line didn't work either. The port 2000 that the process tries to connect to is, I think, the Sieve port. I am not running Sieve which would explain the situation. Well, it seems that the firewall is working properly after all which is the most important thing. > > Ruben -- Johan