rc.conf kern_securelevel_enable="YES" kern_securelevel=1 ipfilter_enable="YES" ipfilter_rules="/etc/ipf.rules" #+ipfilter_flags="-D -T ipf_nattable_sz=10009,ipf_nattable_max=300000 -E" ipf ===== Does not start open device: No such file or directory User/kernel version check failed Glogs firewall does not protect. How do other firewalls behold themselves.
Can you do ls -l /dev/ipl please? Can you send me truss -f output from the ipf commend? I am not able to reproduce the problem on a recent -CURRENT. In the mean time I will update my stable/11 partitions and VMs on my testbed to try to duplicate the problem there. Another two things to try (after sending me truss outputs and ls -l /dev/ipl listsings) is service ipfilter stop and service ipfilter start. What do you get? Also try ipf -y. Do ls -l /dev/ipl before and after each of the above tests.
More questions: Can you provide kldstat otuput? Depending on output I may have more questions.
(In reply to Cy Schubert from comment #1) :/usr/home/siuchin # ls -l /dev/ipl crw------- 1 root wheel 0x55 May 26 09:34 /dev/ipl :/etc# sysctl kern.securelevel kern.securelevel: 1
(In reply to Cy Schubert from comment #2) pr 16 18:53:40 sshd[1186]: input_userauth_request: invalid user 1111 [preauth] Apr 16 18:53:40 sshd[1186]: Connection closed by 31.207.47.55 port 47415 [preauth] Apr 16 18:53:40 sshd[1188]: Connection closed by 31.207.47.55 port 55059 [preauth] Apr 16 18:53:41 sshd[1190]: Invalid user 1234 from 31.207.47.55 Apr 16 18:53:41 sshd[1190]: input_userauth_request: invalid user 1234 [preauth] Apr 16 18:53:41 sshd[1190]: Connection closed by 31.207.47.55 port 59676 [preauth] Apr 16 18:53:41 sshd[1192]: Invalid user admin from 31.207.47.55 Apr 16 18:53:41 sshd[1192]: input_userauth_request: invalid user admin [preauth] Apr 16 18:53:41 sshd[1192]: Connection closed by 31.207.47.55 port 40951 [preauth] Apr 16 18:53:42 sshd[1194]: Invalid user admin from 31.207.47.55 Apr 16 18:53:42 sshd[1194]: input_userauth_request: invalid user admin [preauth] Apr 16 18:53:42 sshd[1194]: Connection closed by 31.207.47.55 port 52849 [preauth]
@31 pass in quick inet proto tcp from 93.178.244.20/32 to any port = ssh group 1 @32 pass in quick inet proto tcp from 178.136.237.162/32 to any port = ssh group 1 @33 pass in quick inet proto tcp from 178.136.237.176/32 to any port = ssh group 1 @34 pass in quick inet proto tcp from 77.87.154.174/32 to any port = ssh group 1 @35 pass in quick inet proto tcp from 93.178.246.160/32 to any port = ssh group 1 @36 pass in quick inet proto tcp from 93.178.215.29/32 to any port = ssh group 1 @37 pass in quick inet proto tcp from 194.44.221.175/32 to any port = ssh group 1 ******* @85 pass in quick inet proto igmp from 224.0.0.0/4 to any group 1 @86 pass in quick inet proto igmp from any to 224.0.0.0/4 group 1 @87 pass in quick inet proto igmp from 240.0.0.0/4 to any group 1 @88 pass in quick inet proto igmp from any to 240.0.0.0/4 group 1 @89 block in log quick all group 1
(In reply to Aleks from comment #4) This is not kldstat outpout. Can you post output of kldstat please? Can you send me truss -f output from the ipf commend? You can do this by: truss -f -o ipf.out ipf -ZFa -f /etc/rules.conf Attach the file to this PR.
(In reply to Cy Schubert from comment #6) bad packets: in 0 out 0 input packets: blocked 1884048 passed 1305139262 nomatch 56 counted 0 output packets: blocked 0 passed 227718525 nomatch 227717896 counted 0 input packets logged: blocked 1864634 passed 0 output packets logged: blocked 0 passed 0 fopen(/etc/rules.conf) failed: No such file or directory truss -f -o ipf.out ipf -ZFa -f /etc/ipf.rules input packets: blocked 0 passed 110987 nomatch 110974 counted 0 output packets: blocked 0 passed 19942 nomatch 19942 counted 0 input packets logged: blocked 0 passed 0 output packets logged: blocked 0 passed 0 42022: mmap(0x0,32768,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 34366361600 (0x800651000) 42022: issetugid()<----><------><------><------> = 0 (0x0) 42022: lstat("/etc",{ mode=drwxr-xr-x ,inode=54012288,size=2560,blksize=32768 }) = 0 (0x0) 42022: lstat("/etc/libmap.conf",{ mode=-rw-r--r-- ,inode=54012383,size=107,blksize=32768 }) = 0 (0x0) 42022: openat(AT_FDCWD,"/etc/libmap.conf",O_RDONLY|O_CLOEXEC,00) = 3 (0x3) 42022: fstat(3,{ mode=-rw-r--r-- ,inode=54012383,size=107,blksize=32768 }) = 0 (0x0) 42022: mmap(0x0,107,PROT_READ,MAP_PRIVATE,3,0x0) = 34366394368 (0x800659000) 42022: close(3)><------><------><------><------> = 0 (0x0) 42022: lstat("/usr",{ mode=drwxr-xr-x ,inode=61957632,size=512,blksize=32768 }) = 0 (0x0) 42022: lstat("/usr/local",{ mode=drwxr-xr-x ,inode=62037896,size=512,blksize=32768 }) = 0 (0x0) 42022: lstat("/usr/local/etc",{ mode=drwxr-xr-x ,inode=62680266,size=1024,blksize=32768 }) = 0 (0x0) 42022: lstat("/usr/local/etc/libmap.d",0x7fffffffcae8) ERR#2 'No such file or directory' 42022: munmap(0x800659000,107)<><------><------> = 0 (0x0) 42022: openat(AT_FDCWD,"/var/run/ld-elf.so.hints",O_RDONLY|O_CLOEXEC,00) = 3 (0x3) 42022: read(3,"Ehnt\^A\0\0\0\M^@\0\0\0g\0\0\0\0"...,128) = 128 (0x80) 42022: fstat(3,{ mode=-r--r--r-- ,inode=23461988,size=231,blksize=32768 }) = 0 (0x0) 42022: lseek(3,0x80,SEEK_SET)<-><------><------> = 128 (0x80) 42022: read(3,"/lib:/usr/lib:/usr/lib/compat:/u"...,103) = 103 (0x67) 42022: close(3)><------><------><------><------> = 0 (0x0) 42022: access("/lib/libpcap.so.8",F_OK)><------> = 0 (0x0) 42022: openat(AT_FDCWD,"/lib/libpcap.so.8",O_RDONLY|O_CLOEXEC|O_VERIFY,00) = 3 (0x3) 42022: fstat(3,{ mode=-r--r--r-- ,inode=1444634,size=308872,blksize=32768 }) = 0 (0x0) 42022: mmap(0x0,4096,PROT_READ,MAP_PRIVATE|MAP_PREFAULT_READ,3,0x0) = 34366394368 (0x800659000) 42022: mmap(0x0,2408448,PROT_NONE,MAP_PRIVATE|MAP_ANON|MAP_NOCORE,-1,0x0) = 34368462848 (0x800852000) 42022: mmap(0x800852000,303104,PROT_READ|PROT_EXEC,MAP_PRIVATE|MAP_FIXED|MAP_NOCORE|MAP_PREFAULT_READ,3,0x0) = 34368462848 (0x800852000) 42022: mmap(0x800a9b000,8192,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_PREFAULT_READ,3,0x49000) = 34370859008 (0x800a9b000) 42022: mmap(0x800a9d000,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_ANON,-1,0x0) = 34370867200 (0x800a9d000) 42022: munmap(0x800659000,4096)><------><------> = 0 (0x0) 42022: close(3)><------><------><------><------> = 0 (0x0) 42022: access("/lib/libkvm.so.7",F_OK)<><------> = 0 (0x0) 42022: openat(AT_FDCWD,"/lib/libkvm.so.7",O_RDONLY|O_CLOEXEC|O_VERIFY,00) = 3 (0x3) 42022: fstat(3,{ mode=-r--r--r-- ,inode=1444612,size=60712,blksize=32768 }) = 0 (0x0) 42022: mmap(0x0,4096,PROT_READ,MAP_PRIVATE|MAP_PREFAULT_READ,3,0x0) = 34366394368 (0x800659000) 42022: mmap(0x0,2154496,PROT_NONE,MAP_PRIVATE|MAP_ANON|MAP_NOCORE,-1,0x0) = 34370871296 (0x800a9e000) 42022: mmap(0x800a9e000,57344,PROT_READ|PROT_EXEC,MAP_PRIVATE|MAP_FIXED|MAP_NOCORE|MAP_PREFAULT_READ,3,0x0) = 34370871296 (0x800a9e000) 42022: mmap(0x800cab000,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_PREFAULT_READ,3,0xd000) = 34373021696 (0x800cab000) 42022: munmap(0x800659000,4096)><------><------> = 0 (0x0) 42022: close(3)><------><------><------><------> = 0 (0x0) 42022: access("/lib/libc.so.7",F_OK)<--><------> = 0 (0x0) 42022: openat(AT_FDCWD,"/lib/libc.so.7",O_RDONLY|O_CLOEXEC|O_VERIFY,00) = 3 (0x3) 42022: fstat(3,{ mode=-r--r--r-- ,inode=1444651,size=1744352,blksize=32768 }) = 0 (0x0) 42022: mmap(0x0,4096,PROT_READ,MAP_PRIVATE|MAP_PREFAULT_READ,3,0x0) = 34366394368 (0x800659000) 42022: mmap(0x0,3883008,PROT_NONE,MAP_PRIVATE|MAP_ANON|MAP_NOCORE,-1,0x0) = 34373025792 (0x800cac000) 42022: mmap(0x800cac000,1634304,PROT_READ|PROT_EXEC,MAP_PRIVATE|MAP_FIXED|MAP_NOCORE|MAP_PREFAULT_READ,3,0x0) = 34373025792 (0x800cac000) 42022: mmap(0x80103a000,53248,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_PREFAULT_READ,3,0x18e000) = 34376753152 (0x80103a000) 42022: mmap(0x801047000,102400,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_ANON,-1,0x0) = 34376806400 (0x801047000) 42022: munmap(0x800659000,4096)><------><------> = 0 (0x0) 42022: close(3)><------><------><------><------> = 0 (0x0) 42022: access("/lib/libelf.so.2",F_OK)<><------> = 0 (0x0) 42022: openat(AT_FDCWD,"/lib/libelf.so.2",O_RDONLY|O_CLOEXEC|O_VERIFY,00) = 3 (0x3) 42022: fstat(3,{ mode=-r--r--r-- ,inode=1444657,size=98136,blksize=32768 }) = 0 (0x0) 42022: mmap(0x0,4096,PROT_READ,MAP_PRIVATE|MAP_PREFAULT_READ,3,0x0) = 34366394368 (0x800659000) 42022: mmap(0x0,2191360,PROT_NONE,MAP_PRIVATE|MAP_ANON|MAP_NOCORE,-1,0x0) = 34376908800 (0x801060000) 42022: mmap(0x801060000,94208,PROT_READ|PROT_EXEC,MAP_PRIVATE|MAP_FIXED|MAP_NOCORE|MAP_PREFAULT_READ,3,0x0) = 34376908800 (0x801060000) 42022: mmap(0x801276000,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_PREFAULT_READ,3,0x16000) = 34379096064 (0x801276000) 42022: munmap(0x800659000,4096)><------><------> = 0 (0x0) 42022: close(3)><------><------><------><------> = 0 (0x0) 42022: mmap(0x0,40960,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 34366394368 (0x800659000) 42022: munmap(0x80065c000,28672)<------><------> = 0 (0x0) 42022: mmap(0x0,102400,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 34366406656 (0x80065c000) 42022: sysarch(AMD64_SET_FSBASE,0x7fffffffe4b8)> = 0 (0x0) 42022: sigprocmask(SIG_BLOCK,{ SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIG 42022: sigprocmask(SIG_SETMASK,{ },0x0)><------> = 0 (0x0) 42022: readlink("/etc/malloc.conf",0x7fffffffdbb0,1024) ERR#2 'No such file or directory' 42022: issetugid()<----><------><------><------> = 0 (0x0) 42022: __sysctl(0x7fffffffda50,0x2,0x7fffffffdaa0,0x7fffffffda98,0x800e0a51f,0xd) = 0 (0x0) 42022: __sysctl(0x7fffffffdaa0,0x2,0x7fffffffdb64,0x7fffffffdb58,0x0,0x0) = 0 (0x0) 42022: mmap(0x0,2097152,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 34379100160 (0x801277000) 42022: munmap(0x801277000,2097152)<----><------> = 0 (0x0) 42022: mmap(0x0,4190208,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 34379100160 (0x801277000) 42022: munmap(0x801277000,1609728)<----><------> = 0 (0x0) 42022: munmap(0x801600000,483328)<-----><------> = 0 (0x0) 42022: sigprocmask(SIG_BLOCK,{ SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIG 42022: sigprocmask(SIG_SETMASK,{ },0x0)><------> = 0 (0x0) 42022: sigprocmask(SIG_BLOCK,{ SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIG 42022: sigprocmask(SIG_SETMASK,{ },0x0)><------> = 0 (0x0) 42022: sigprocmask(SIG_BLOCK,{ SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIG 42022: sigprocmask(SIG_SETMASK,{ },0x0)><------> = 0 (0x0) 42022: sigprocmask(SIG_BLOCK,{ SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIG 42022: sigprocmask(SIG_SETMASK,{ },0x0)><------> = 0 (0x0) 42022: sigprocmask(SIG_BLOCK,{ SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIG 42022: sigprocmask(SIG_SETMASK,{ },0x0)><------> = 0 (0x0) 42022: openat(AT_FDCWD,"/dev/ipl",O_RDONLY,00)<> = 3 (0x3) 42022: ioctl(3,SIOCGETFS,0xffffd740)<--><------> = 0 (0x0) 42022: openat(AT_FDCWD,"/dev/ipl",O_RDWR,00)<--> = 4 (0x4) 42022: ioctl(4,SIOCFRZST,0xffffe3d0)<--><------> = 0 (0x0) 42022: fstat(1,{ mode=crw--w---- ,inode=102,size=0,blksize=4096 }) = 0 (0x0) 42022: mmap(0x0,2097152,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 34382807040 (0x801600000) 42022: ioctl(1,TIOCGETA,0xffffd800)<---><------> = 0 (0x0) 42022: write(1,"bad packets:\t\tin 0\tout 0\n",25) = 25 (0x19) 42022: write(1," input packets:\t\tblocked 0 pas"...,66) = 66 (0x42) 42022: write(1,"output packets:\t\tblocked 0 pas"...,64) = 64 (0x40) 42022: write(1," input packets logged:\tblocked "...,42) = 42 (0x2a) 42022: write(1,"output packets logged:\tblocked "...,42) = 42 (0x2a) 42022: ioctl(3,SIOCGETFS,0xffffdda0)<--><------> = 0 (0x0) 42022: ioctl(4,SIOCIPFFL,0xffffe430)<--><------> = 0 (0x0) 42022: ioctl(3,SIOCGETFS,0xffffdda0)<--><------> = 0 (0x0) 42022: __sysctl(0x7fffffffe3e0,0x2,0x640860,0x7fffffffe3d8,0x0,0x0) = 0 (0x0) 42022: open("/etc/ipf.rules",O_RDONLY,0666)<---> = 5 (0x5) 42022: fstat(5,{ mode=-rw-r--r-- ,inode=54012707,size=21236,blksize=32768 }) = 0 (0x0) 42022: read(5,"#ipfstat -in\n# /sbin/ipf -Fa -f"...,32768) = 21236 (0x52f4) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/nsswitch.conf",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: ioctl(6,TIOCGETA,0xffffd3f0)<---><------> ERR#25 'Inappropriate ioctl for device' 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# nsswitch.conf(5) - name ser"...,32768) = 336 (0x150) 42022: read(6,0x80167ad80,32768)<------><------> = 0 (0x0) 42022: sigprocmask(SIG_BLOCK,{ SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIG 42022: access("/lib/nss_compat.so.1",F_OK)<----> ERR#2 'No such file or directory' 42022: access("/usr/lib/nss_compat.so.1",F_OK)<> ERR#2 'No such file or directory' 42022: access("/usr/lib/compat/nss_compat.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/usr/local/lib/nss_compat.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/usr/local/lib/perl5/5.24/mach/CORE/nss_compat.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/usr/local/llvm39/lib/nss_compat.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/lib/casper/nss_compat.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/lib/nss_compat.so.1",F_OK)<----> ERR#2 'No such file or directory' 42022: access("/usr/lib/nss_compat.so.1",F_OK)<> ERR#2 'No such file or directory' 42022: sigprocmask(SIG_SETMASK,{ },0x0)><------> = 0 (0x0) 42022: sigprocmask(SIG_BLOCK,{ SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIG 42022: access("/lib/nss_nis.so.1",F_OK)><------> ERR#2 'No such file or directory' 42022: access("/usr/lib/nss_nis.so.1",F_OK)<---> ERR#2 'No such file or directory' 42022: access("/usr/lib/compat/nss_nis.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/usr/local/lib/nss_nis.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/usr/local/lib/perl5/5.24/mach/CORE/nss_nis.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/usr/local/llvm39/lib/nss_nis.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/lib/casper/nss_nis.so.1",F_OK)<> ERR#2 'No such file or directory' 42022: access("/lib/nss_nis.so.1",F_OK)><------> ERR#2 'No such file or directory' 42022: access("/usr/lib/nss_nis.so.1",F_OK)<---> ERR#2 'No such file or directory' 42022: sigprocmask(SIG_SETMASK,{ },0x0)><------> = 0 (0x0) 42022: sigprocmask(SIG_BLOCK,{ SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIG 42022: access("/lib/nss_files.so.1",F_OK)<-----> ERR#2 'No such file or directory' 42022: access("/usr/lib/nss_files.so.1",F_OK)<-> ERR#2 'No such file or directory' 42022: access("/usr/lib/compat/nss_files.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/usr/local/lib/nss_files.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/usr/local/lib/perl5/5.24/mach/CORE/nss_files.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/usr/local/llvm39/lib/nss_files.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/lib/casper/nss_files.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/lib/nss_files.so.1",F_OK)<-----> ERR#2 'No such file or directory' 42022: access("/usr/lib/nss_files.so.1",F_OK)<-> ERR#2 'No such file or directory' 42022: sigprocmask(SIG_SETMASK,{ },0x0)><------> = 0 (0x0) 42022: sigprocmask(SIG_BLOCK,{ SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIG 42022: access("/lib/nss_dns.so.1",F_OK)><------> ERR#2 'No such file or directory' 42022: access("/usr/lib/nss_dns.so.1",F_OK)<---> ERR#2 'No such file or directory' 42022: access("/usr/lib/compat/nss_dns.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/usr/local/lib/nss_dns.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/usr/local/lib/perl5/5.24/mach/CORE/nss_dns.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/usr/local/llvm39/lib/nss_dns.so.1",F_OK) ERR#2 'No such file or directory' 42022: access("/lib/casper/nss_dns.so.1",F_OK)<> ERR#2 'No such file or directory' 42022: access("/lib/nss_dns.so.1",F_OK)><------> ERR#2 'No such file or directory' 42022: access("/usr/lib/nss_dns.so.1",F_OK)<---> ERR#2 'No such file or directory' 42022: sigprocmask(SIG_SETMASK,{ },0x0)><------> = 0 (0x0) 42022: ioctl(6,TIOCGETA,0xffffd3c0)<---><------> ERR#25 'Inappropriate ioctl for device' 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: sigprocmask(SIG_BLOCK,{ SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIG 42022: sigprocmask(SIG_SETMASK,{ },0x0)><------> = 0 (0x0) 42022: sigprocmask(SIG_BLOCK,{ SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIG 42022: sigprocmask(SIG_SETMASK,{ },0x0)><------> = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/services",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012316,size=86244,blksize=32768 }) = 0 (0x0) 42022: lseek(6,0x0,SEEK_CUR)<--><------><------> = 0 (0x0) 42022: lseek(6,0x0,SEEK_SET)<--><------><------> = 0 (0x0) 42022: read(6,"#\n# Network services, Internet "...,32768) = 32768 (0x8000) 42022: read(6,"s\nnetwall\t\t533/udp\t #for e"...,32768) = 32768 (0x8000) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/services",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012316,size=86244,blksize=32768 }) = 0 (0x0) 42022: lseek(6,0x0,SEEK_CUR)<--><------><------> = 0 (0x0) 42022: lseek(6,0x0,SEEK_SET)<--><------><------> = 0 (0x0) 42022: read(6,"#\n# Network services, Internet "...,32768) = 32768 (0x8000) 42022: read(6,"s\nnetwall\t\t533/udp\t #for e"...,32768) = 32768 (0x8000) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/services",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012316,size=86244,blksize=32768 }) = 0 (0x0) 42022: lseek(6,0x0,SEEK_CUR)<--><------><------> = 0 (0x0) 42022: lseek(6,0x0,SEEK_SET)<--><------><------> = 0 (0x0) 42022: read(6,"#\n# Network services, Internet "...,32768) = 32768 (0x8000) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/services",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012316,size=86244,blksize=32768 }) = 0 (0x0) 42022: lseek(6,0x0,SEEK_CUR)<--><------><------> = 0 (0x0) 42022: lseek(6,0x0,SEEK_SET)<--><------><------> = 0 (0x0) 42022: read(6,"#\n# Network services, Internet "...,32768) = 32768 (0x8000) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/services",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012316,size=86244,blksize=32768 }) = 0 (0x0) 42022: lseek(6,0x0,SEEK_CUR)<--><------><------> = 0 (0x0) 42022: lseek(6,0x0,SEEK_SET)<--><------><------> = 0 (0x0) 42022: read(6,"#\n# Network services, Internet "...,32768) = 32768 (0x8000) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: ioctl(4,SIOCADAFR,0xffffd6e0)<--><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/protocols",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012342,size=6452,blksize=32768 }) = 0 (0x0) 42022: read(6,"#\n# Internet protocols\n#\n# $F"...,32768) = 6452 (0x1934) 42022: close(6)><------><------><------><------> = 0 (0x0) 42022: stat("/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=54012348,size=336,blksize=32768 }) = 0 (0x0) 42022: open("/etc/services",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6) 42022: fstat(6,{ mode=-rw-r--r-- ,inode=54012316,size=86244,blksize=32768 }) = 0 (0x0) 42022: lseek(6,0x0,SEEK_CUR)<--><------><------> = 0 (0x0) 42022: lseek(6,0x0,SEEK_SET)<--><------><------> = 0 (0x0) 42022: read(6,"#\n# Network services, Internet "...,32768) = 32768 (0x8000) 42022: close(6)><------><------><------><------> = 0 (0x0)
Created attachment 183579 [details] ipf
Your outputs look normal. Can you do ipfstat -ion please?
Ping.
(In reply to Cy Schubert from comment #9) The answer has already been given above Here I do not understand ?? May 26 07:37:49 1zahid sshd[44192]: Received disconnect from 116.31.116.49 port 31692:11: [preauth] May 26 07:37:49 1zahid sshd[44192]: Disconnected from 116.31.116.49 port 31692 [preauth] May 26 07:42:17 1zahid sshd[44210]: Received disconnect from 121.18.238.119 port 38467:11: [preauth] May 26 07:42:17 1zahid sshd[44210]: Disconnected from 121.18.238.119 port 38467 [preauth] May 26 07:42:54 1zahid sshd[44208]: Received disconnect from 116.31.116.49 port 37294:11: [preauth] May 26 07:42:54 1zahid sshd[44208]: Disconnected from 116.31.116.49 port 37294 [preauth] May 26 07:50:08 1zahid sshd[44238]: Received disconnect from 116.31.116.49 port 22691:11: [preauth] May 26 07:50:08 1zahid sshd[44238]: Disconnected from 116.31.116.49 port 22691 [preauth] May 26 07:51:37 1zahid sshd[44254]: Received disconnect from 116.31.116.49 port 64003:11: [preauth] May 26 07:51:37 1zahid sshd[44254]: Disconnected from 116.31.116.49 port 64003 [preauth] May 26 07:57:55 1zahid sshd[44284]: reverse mapping checking getaddrinfo for 5-143-3-48.dynamic.primorye.net.ru [5.143.3.48] failed - POSSIBLE BREAK-IN ATTEMPT! [preauth] May 26 07:57:55 1zahid sshd[44284]: reverse mapping checking getaddrinfo for 5-143-3-48.dynamic.primorye.net.ru [5.143.3.48] failed - POSSIBLE BREAK-IN ATTEMPT! May 26 07:57:56 1zahid sshd[44284]: error: maximum authentication attempts exceeded for root from 5.143.3.48 port 46017 ssh2 [preauth] May 26 07:57:56 1zahid sshd[44284]: Disconnecting: Too many authentication failures [preauth] May 26 07:58:05 1zahid sshd[44282]: Received disconnect from 116.31.116.49 port 19066:11: [preauth] May 26 07:58:05 1zahid sshd[44282]: Disconnected from 116.31.116.49 port 19066 [preauth] May 26 08:02:47 1zahid sshd[44315]: error: maximum authentication attempts exceeded for root from 159.226.231.12 port 36130 ssh2 [preauth] May 26 08:02:47 1zahid sshd[44315]: Disconnecting: Too many authentication failures [preauth] May 26 08:05:28 1zahid sshd[44317]: Received disconnect from 116.31.116.49 port 39513:11: [preauth] May 26 08:05:28 1zahid sshd[44317]: Disconnected from 116.31.116.49 port 39513 [preauth] May 26 08:07:59 1zahid sshd[44333]: Received disconnect from 221.194.47.236 port 60715:11: [preauth] May 26 08:07:59 1zahid sshd[44333]: Disconnected from 221.194.47.236 port 60715 [preauth] May 26 08:09:29 1zahid sshd[44335]: Received disconnect from 121.18.238.106 port 45025:11: [preauth] May 26 08:09:29 1zahid sshd[44335]: Disconnected from 121.18.238.106 port 45025 [preauth] May 26 08:10:52 1zahid sshd[44351]: Received disconnect from 59.45.175.66 port 35386:11: [preauth] May 26 08:10:52 1zahid sshd[44351]: Disconnected from 59.45.175.66 port 35386 [preauth] May 26 08:12:56 1zahid sshd[44367]: fatal: Unable to negotiate with 199.180.115.54 port 60064: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] May 26 08:13:22 1zahid sshd[44365]: Received disconnect from 116.31.116.49 port 15202:11: [preauth] May 26 08:13:22 1zahid sshd[44365]: Disconnected from 116.31.116.49 port 15202 [preauth] May 26 08:18:37 1zahid sshd[44383]: Invalid user 0 from 91.197.232.109 May 26 08:18:37 1zahid sshd[44383]: input_userauth_request: invalid user 0 [preauth] May 26 08:18:37 1zahid sshd[44383]: Connection closed by 91.197.232.109 port 53489 [preauth] May 26 08:21:41 1zahid sshd[44399]: error: maximum authentication attempts exceeded for root from 71.202.166.141 port 55728 ssh2 [preauth] May 26 08:21:41 1zahid sshd[44399]: Disconnecting: Too many authentication failures [preauth] May 26 08:32:49 1zahid sshd[44441]: Received disconnect from 58.57.65.111 port 28595:11: [preauth] May 26 08:32:49 1zahid sshd[44441]: Disconnected from 58.57.65.111 port 28595 [preauth] May 26 08:33:13 1zahid sshd[44455]: Received disconnect from 116.31.116.9 port 61067:11: [preauth] May 26 08:33:13 1zahid sshd[44455]: Disconnected from 116.31.116.9 port 61067 [preauth] May 26 08:34:36 1zahid sshd[44457]: Received disconnect from 221.194.44.212 port 38861:11: [preauth] May 26 08:34:36 1zahid sshd[44457]: Disconnected from 221.194.44.212 port 38861 [preauth] May 26 08:47:46 1zahid sshd[44513]: Received disconnect from 59.45.175.86 port 44622:11: [preauth] May 26 08:47:46 1zahid sshd[44513]: Disconnected from 59.45.175.86 port 44622 [preauth] May 26 09:05:12 1zahid sshd[44598]: error: maximum authentication attempts exceeded for root from 176.209.199.109 port 44863 ssh2 [preauth] May 26 09:05:12 1zahid sshd[44598]: Disconnecting: Too many authentication failures [preauth] May 26 09:13:42 1zahid sshd[44626]: Received disconnect from 121.18.238.119 port 35512:11: [preauth] May 26 09:13:42 1zahid sshd[44626]: Disconnected from 121.18.238.119 port 35512 [preauth] Here I do not understand ?? sshd port 35512:11 35512 38861 53489 ???? 19/5000 seychas ne nablyudayu Now do not watch
(In reply to Cy Schubert from comment #10) OPEN
sysctl kern.securelevel kern.securelevel: 1 root@1zad:/etc# root@1zad:/etc# /sbin/ipf -Fa -f /etc/ipf.rules root@1zad:/etc#
In comment 9 I asked for, ipfstat -ion, please. Comment #5 is only a partial list of rules. I need to see the full list. If you're afraid to list them here you can send them to me directly. BTW. I did test locally (see comment #1) on my production firewall box. No problems. The issue must be in your config somewhere.
(In reply to Cy Schubert from comment #14) sysctl kern.securelevel kern.securelevel: 1 на другой машине другой сервер freebsd 11 история повторилась уже на php sysctl kern.securelevel kern.securelevel: 1 on another machine another server freebsd 11 the story was repeated already on php
Unable to reproduce this problem on 14-CURRENT.
rc.local /sbin/ipf -T nat_maxbucket=4095 ip_nat.sh #ifndef NAT_SIZE # ifdef LARGE_NAT //# define<--->NAT_SIZE<------>2047 # define<----->NAT_SIZE<------>4095 # else //# define<--->NAT_SIZE<------>127 # define<----->NAT_SIZE<------>4095 # endif #endif #ifndef RDR_SIZE # ifdef LARGE_NAT //# define<--->RDR_SIZE<------>2047 # define<----->RDR_SIZE<------>4095 # else //# define<--->RDR_SIZE<------>127 # define<----->RDR_SIZE<------>4095 # endif #endif #ifndef HOSTMAP_SIZE # ifdef LARGE_NAT //# define<--->HOSTMAP_SIZE<-->8191 # define<----->HOSTMAP_SIZE<-->16383 # else //# define<--->HOSTMAP_SIZE<-->2047 # define<----->HOSTMAP_SIZE<-->16383 # endif #endif #ifndef NAT_TABLE_MAX /* * This is newly introduced and for the sake of "l * present aren't what we'd normally use for creat */ # ifdef>LARGE_NAT //# define<--->NAT_TABLE_MAX<->18000 # define<----->NAT_TABLE_MAX<->1000000 # else //# define<--->NAT_TABLE_MAX<->30000 # define<----->NAT_TABLE_MAX<->1000000 # endif #endif #ifndef NAT_TABLE_SZ # ifdef LARGE_NAT //# define<--->NAT_TABLE_SZ<-->16383 # define<----->NAT_TABLE_SZ<-->32767 # else //# define<--->NAT_TABLE_SZ<-->2047 # define<----->NAT_TABLE_SZ<-->32767 # endif #endif #ifndef>APR_LABELLEN #define>APR_LABELLEN<-->16 #endif #define>NAT_HW_CKSUM<--><------>0x80000000 #define>NAT_HW_CKSUM_PART<----->0x40000000
I don't see how LARGE_NAT has anything to do with this.