ryan beasley wrote:
On Fri, Jan 03, 2003 at 02:54:57PM -0200, Daniel C. Sobral wrote:Now that you mention it... This does coincide with me noticing I hadn't brought over the rc.sysctl I use on the other firewalls, which includes blackhole(4).
>Alas, that *did* work. My first attempt (replying to another message)
>was done with wrong permissions.
>
>Question... it did not have this trouble before Dec 13, but Dec 30 it
>had (no worlds in between). The sshd_config I use is the standard one.
>So... why?
Hm, no idea. Did you possibly change anything that'd stop the kernel
from returning ICMP port unreachables to sshd, like packet filtering on
lo0, or turning on blackhole(4), etc? Those are the first things that'd
come to mind explaining the sudden delays as the local lookup attempts
would've begun the instant you were using OpenSSH + privilege separation
+ chroot.
Ok, mystery solved. Question, though... why is it querying the reverse if I specifically *told* it not to?
--
Daniel C. Sobral (8-DCS)
Gerencia de Operacoes
Divisao de Comunicacao de Dados
Coordenacao de Seguranca
TCO
Fones: 55-61-313-7654/Cel: 55-61-9618-0904
E-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Outros:
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Uh-oh -- WHY am I suddenly thinking of a VENERABLE religious leader
frolicking on a FORT LAUDERDALE weekend?
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
