Re: postscreen "Operation not permitted"
- On 1/25/2012 9:05 PM, Noel Jones wrote:
> On 1/25/2012 7:27 PM, Wietse Venema wrote:As I examine my foot and the smoking gun in my hand, I now realize
>> Apparently, FreeBSD packet filters can return an EPERM error
>> when a packet does not match a valid state.
>> So that could explain the EPERM (which has errno of 1).
> OK, that server is using pf. The error doesn't seem to be causing
> any ill effects, so I'll just ignore it.
> Thanks for your time on this.
> -- Noel Jones
this is self-inflicted by a fail2ban rule that auto-blocks
The last couple days this seems to be causing the "Operation not
permitted" on 10%~20% of the fail2ban blocks. Prior to that, one
error recorded in the easily available 30 days or so. I'll
attribute the apparent change to new bot behavior (faster? slower?
meh.), which is of no particular interest here.
Nothing interesting here, folks. Move along.
-- Noel Jones