> I've recently started having the following show up in my security run 
> output:
> lilbuddy.antsclimbtree.com kernel log messages:
> > me: getaddrinfo(adsl-66-122-112-170.dsl.snfc21.pacbell.net, AF_INET) 
> > failed
> I also had failures of the following kind:
> Nov  7 08:33:34 lilbuddy inetd[68076]: refused connection from 
>, service imapd (tcp)
> Nov  7 12:18:43 lilbuddy inetd[69441]: refused connection from 
>, service imapd (tcp)
> I worked around the inetd issue by commenting out the following in 
> /etc/hosts.allow:
> #ALL : PARANOID : RFC931 20 : deny

Are you really sure you want to do this?
This is some protection against connection from hosts
trying to obsure their tracks.  

It basically means that you can't get a reverse DNS on the host.
If it is one of your machines, then you need to fix its DNS info.
If it is from somewhere else, you don't want it connecting to 
your machine - at least  not until they get their pile cleaned up. 

> The thing is both of the IP's in question ( and 
> have been connecting daily with no problem whatsoever 
> for over a year.  All of a sudden these refusals started, and I haven't 
> changed anything on my end.

Have you done an upgrade?
More recent versions of FreeBSD inetd automatically "wrap" the 
daemons that it starts.   Previously you had to put the wrap in
to the inetd.conf file.   I don't know just which version started
doing it automatically.

> My questions:
> 1) What is the best way to troubleshoot the getaddrinfo failure above?  
> What is the failure, exactly?  Poking around with nslookup and dig 
> doesn't reveal anything, at least to me.
> 2) The inetd failure seems related to the IP's in question not having 
> the same reverse/forward DNS entries.  


> However, this has been the case 
> for over a year and I haven't had the failure until recently.  What has 
> changed to cause this failure?

Did you upgrade FreeBSD recently - see above.
> 3) Is disabling ALL : PARANOID : RFC931 20 : deny a bad idea?


> One interesting thing is that both of these IP addresses are owned by 
> pacbell.net.  My guess is that pacbell messed something up on their 
> end.  

Sounds like a good possibility - or someone has not registered a host

There are others out there who can explain the details much better than I,
but here is the basic think anyway.

> Thanks for any suggestions.  Please CC me in any replies, as I'm on the 
> digest.
