On Fri, Apr 22, 2022 at 04:03:17PM +0000, Laura Smith wrote:
> Hi,
> Am seeing some odd nsd log entries crop up in /var/log/messages.  Any cause
> for concern ? Anyone else seen these ?
>
> Apr 22 15:08:46 nsd[99760]: failed writing to tcp: Permission denied
>
> No problems with IPv4 or IPv6 connectivity on this host, I can access the
> internet fine both directly on this host and through it (it doubles up as a
> firewall).
>
> Laura

Hi Laura,

I took a look at the code and it is a writev() or a write() they do on tcp
writes.  Then I checked the manpage for send because write() on a TCP socket
is the same as send() afaik.  The manpage says this about your error:

     [EACCES]  The connection was blocked by pf(4), or SO_BROADCAST is not
               set on the socket and a broadcast address was given as the
               destination.

TCP doesn't do any broadcasting so it was blocked by pf(4).

So that's weird because the 3-way handshake must have completed for nsd to
reply to a query.  Meaning there were SYNs and ACKs being exchanged but
perhaps a PUSH+ACK may not succeed through the pf rules?

Don't post your firewall rules to the list, but study them :-) and correct
them.

Best Regards,
-peter
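
An added example, not part of the original message: one way to narrow down which pf rule to study is to match the nsd EACCES timestamps against outbound blocks from port 53 in the pf log. It assumes the blocking rule carries `log` and that the pflog text comes from `tcpdump -n -e -ttt -r /var/log/pflog`; the pflog lines, addresses and rule numbers below are constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample input. Only the first syslog line is the entry quoted in the thread.
SYSLOG = """\
Apr 22 15:08:46 nsd[99760]: failed writing to tcp: Permission denied
Apr 22 15:09:02 ntpd[511]: adjusting clock frequency
"""
# Assumed format: output of `tcpdump -n -e -ttt -r /var/log/pflog` (constructed lines).
PFLOG = """\
Apr 22 15:08:46.412345 rule 7/(match) block out on em0: 192.0.2.53.53 > 198.51.100.9.40112: P 1:513(512) ack 40 win 271
Apr 22 15:08:47.000100 rule 2/(match) block in on em0: 203.0.113.5.51000 > 192.0.2.53.22: S 100:100(0) win 16384
Apr 22 15:20:00.000000 rule 7/(match) block out on em0: 192.0.2.53.53 > 198.51.100.9.40999: P 1:90(89) ack 40 win 271
"""

NSD_RE = re.compile(
    r"^(\w{3} +\d+ [\d:]{8}) .*nsd\[\d+\]: failed writing to tcp: Permission denied")
PF_RE = re.compile(
    r"^(\w{3} +\d+ [\d:]{8})\.\d+ rule (\d+)/\(match\) block out on (\S+): "
    r"(\S+)\.(\d+) > (\S+)\.(\d+):")

def ts(stamp, year):
    # Syslog stamps carry no year, so the caller supplies one (assumption).
    return datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")

def blocked_replies(syslog, pflog, window=2, port=53, year=2022):
    """Return {nsd error time: [(rule number, interface, destination), ...]}
    for pf 'block out' entries from source port `port` within `window` seconds."""
    errors = [ts(m.group(1), year)
              for m in map(NSD_RE.match, syslog.splitlines()) if m]
    hits = {}
    for line in pflog.splitlines():
        m = PF_RE.match(line)
        if not m or int(m.group(5)) != port:
            continue  # inbound block, or not traffic leaving the DNS port
        when = ts(m.group(1), year)
        for err in errors:
            if abs(when - err) <= timedelta(seconds=window):
                key = err.strftime("%b %d %H:%M:%S")
                hits.setdefault(key, []).append(
                    (int(m.group(2)), m.group(3), m.group(6)))
    return hits

if __name__ == "__main__":
    for when, rules in blocked_replies(SYSLOG, PFLOG).items():
        print(when, rules)
```

The rule number in each hit can then be looked up in the output of `pfctl -vvsr`, which prints rules prefixed with `@<number>`.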