How to repeat # uname -a FreeBSD r 12.1-RELEASE-p5 FreeBSD 12.1-RELEASE-p5 GENERIC amd64 Run this line some times: # sh -c 'for i in $(seq 100); do ping -c1 127.0.0.1 >/dev/null & done; wait' It runs 100 ping processes in parallel. Sometimes some of them fail and produce such output: ping: unable to limit access to system.dns service: Socket is not connected That command is synthetic. In my real system I have this message even for 20 processes run to ping different hosts. The bug also presents in 11.4-RELEASE-p1.
Nice self-DoS. :-D I think you need to tune some sysctl. Something like: net.local.stream.recvspace=65536 net.local.stream.sendspace=65536
(In reply to VVD from comment #1) Didn't help even with 265536 :(
I said "something like", but not "these"… So maybe exist other sysctl variables that can help.
I only found that error is concerned with libcasper but its sources didn't help me to find solution. Also I found kern.features.security_capabilities: 1 kern.features.security_capability_mode: 1 but they also didn't help.
(In reply to D from comment #4) I don't know - it was an assumption.