FreeBSD 12.0-RELEASE-p8 GENERIC
updated to p8 last Friday 7/26/19.
Last Sunday I was alerted to a locked up clamd daemon. I saw multiple clamd.sockets when there should be only one. I detected CPU utilization by clamd of up to 300% taking over one CPU socket entirely. After a while swapfile starts to get used up. The clamav-milter starts complaining that the clamd service isn't responding and rejects incoming email. The clamd.log shows as follows:
clamav-milter.log:
I cannot restart the clamd daemon-- instead I have to restart the server entirely to get the daemon running again. I find that I have to restart the server a few times each day. Upon rebooting, everything appears to be fine but in a few hours the scenario repeats where the clamd locks up causing clamav-milter to complain forcing another reboot.
I've reinstalled clamd as well as clamav-unofficial-sigs to no avail.
This strange phenomenon started, I believe, after I had upgraded FreeBSD on this machine to 12.0-RELEASE-p8 from p7 last Friday. This server has been running as our mail relay for several years and I have not experienced this issue until recently. Is this due to changes in 12.0-RELEASE-p8???
~Doug
updated to p8 last Friday 7/26/19.
Code:
# pkg version -v | g clam
clamav-0.101.2,1 = up-to-date with index
clamav-unofficial-sigs-5.6.2_1 = up-to-date with index
Code:
Tue Jul 30 05:10:46 2019 -> fd[43]: OK
Tue Jul 30 05:11:10 2019 -> fd[43]: OK
Tue Jul 30 05:14:10 2019 -> fd[47]: OK
Tue Jul 30 05:15:29 2019 -> fd[47]: OK
Tue Jul 30 05:22:01 2019 -> SelfCheck: Database status OK.
Tue Jul 30 05:32:11 2019 -> SelfCheck: Database status OK.
Tue Jul 30 05:42:12 2019 -> SelfCheck: Database status OK.
Tue Jul 30 05:52:17 2019 -> SelfCheck: Database status OK.
Tue Jul 30 06:02:36 2019 -> SelfCheck: Database status OK.
Tue Jul 30 06:12:46 2019 -> SelfCheck: Database status OK.
Tue Jul 30 06:22:50 2019 -> SelfCheck: Database status OK.
Tue Jul 30 06:32:52 2019 -> SelfCheck: Database status OK.
Tue Jul 30 06:42:53 2019 -> SelfCheck: Database status OK.
Tue Jul 30 06:47:12 2019 -> Reading databases from /var/db/clamav
Tue Jul 30 06:51:19 2019 -> Database correctly reloaded (6988077 signatures)
Tue Jul 30 06:51:19 2019 -> Client disconnected (FD 395)
Tue Jul 30 06:51:19 2019 -> Client disconnected (FD 396)
Tue Jul 30 06:51:19 2019 -> Client disconnected (FD 397)
Tue Jul 30 06:51:19 2019 -> Client disconnected (FD 398)
Tue Jul 30 06:51:19 2019 -> Client disconnected (FD 399)
Tue Jul 30 06:51:19 2019 -> Client disconnected (FD 400)
Tue Jul 30 06:51:19 2019 -> Client disconnected (FD 401)clamav-milter.log:
Code:
Tue Jul 30 07:53:34 2019 -> ERROR: Failed to initiate streaming/fdpassing
Tue Jul 30 07:53:34 2019 -> connect failed: Connection refused
Tue Jul 30 07:53:34 2019 -> Probe for slot 1 returned: failed
Tue Jul 30 07:53:34 2019 -> WARNING: No clamd server appears to be available
Tue Jul 30 07:53:50 2019 -> ERROR: Failed to initiate streaming/fdpassing
Tue Jul 30 07:53:50 2019 -> connect failed: Connection refused
Tue Jul 30 07:53:50 2019 -> Probe for slot 1 returned: failed
Tue Jul 30 07:53:50 2019 -> WARNING: No clamd server appears to be available
Tue Jul 30 07:53:53 2019 -> ERROR: Failed to initiate streaming/fdpassing
Tue Jul 30 07:53:53 2019 -> connect failed: Connection refused
Tue Jul 30 07:53:53 2019 -> Probe for slot 1 returned: failed
Tue Jul 30 07:53:53 2019 -> WARNING: No clamd server appears to be available
Tue Jul 30 07:54:04 2019 -> ERROR: Failed to initiate streaming/fdpassing
Tue Jul 30 07:54:04 2019 -> connect failed: Connection refused
Tue Jul 30 07:54:04 2019 -> Probe for slot 1 returned: failed
Tue Jul 30 07:54:04 2019 -> WARNING: No clamd server appears to be available
Tue Jul 30 07:54:12 2019 -> ERROR: Failed to initiate streaming/fdpassing
Tue Jul 30 07:54:12 2019 -> connect failed: Connection refused
Tue Jul 30 07:54:12 2019 -> Probe for slot 1 returned: failed
Tue Jul 30 07:54:12 2019 -> WARNING: No clamd server appears to be available# /usr/bin/sockstat -l | /usr/bin/awk /clamd.sock/
Code:
clamav clamd 65010 5 stream /var/run/clamav/clamd.sock
clamav clamd 65010 10 stream /var/run/clamav/clamd.sock
clamav clamd 65010 14 stream /var/run/clamav/clamd.sock
clamav clamd 65010 18 stream /var/run/clamav/clamd.sock
clamav clamd 65010 22 stream /var/run/clamav/clamd.sock
clamav clamd 65010 26 stream /var/run/clamav/clamd.sock
clamav clamd 65010 30 stream /var/run/clamav/clamd.sock
clamav clamd 65010 34 stream /var/run/clamav/clamd.sock
clamav clamd 65010 38 stream /var/run/clamav/clamd.sock
clamav clamd 65010 42 stream /var/run/clamav/clamd.sock
clamav clamd 65010 46 stream /var/run/clamav/clamd.sock
clamav clamd 65010 50 stream /var/run/clamav/clamd.sock
clamav clamd 65010 52 stream /var/run/clamav/clamd.sock
clamav clamd 65010 54 stream /var/run/clamav/clamd.sock
clamav clamd 65010 56 stream /var/run/clamav/clamd.sock
clamav clamd 65010 58 stream /var/run/clamav/clamd.sock
clamav clamd 65010 60 stream /var/run/clamav/clamd.sock
clamav clamd 65010 62 stream /var/run/clamav/clamd.sock
clamav clamd 65010 64 stream /var/run/clamav/clamd.sock
clamav clamd 65010 66 stream /var/run/clamav/clamd.sock
clamav clamd 65010 68 stream /var/run/clamav/clamd.sock
clamav clamd 65010 70 stream /var/run/clamav/clamd.sock
clamav clamd 65010 72 stream /var/run/clamav/clamd.sock
clamav clamd 65010 74 stream /var/run/clamav/clamd.sock
clamav clamd 65010 76 stream /var/run/clamav/clamd.sock
clamav clamd 65010 78 stream /var/run/clamav/clamd.sock
clamav clamd 65010 80 stream /var/run/clamav/clamd.sock
clamav clamd 65010 82 stream /var/run/clamav/clamd.sock
clamav clamd 65010 84 stream /var/run/clamav/clamd.sock
clamav clamd 65010 86 stream /var/run/clamav/clamd.sock
clamav clamd 65010 88 stream /var/run/clamav/clamd.sock
clamav clamd 65010 90 stream /var/run/clamav/clamd.sock
clamav clamd 65010 92 stream /var/run/clamav/clamd.sock
clamav clamd 65010 94 stream /var/run/clamav/clamd.sock
clamav clamd 65010 96 stream /var/run/clamav/clamd.sock
clamav clamd 65010 98 stream /var/run/clamav/clamd.sock
clamav clamd 65010 100 stream/var/run/clamav/clamd.sock
clamav clamd 65010 102 stream/var/run/clamav/clamd.sock
clamav clamd 65010 104 stream/var/run/clamav/clamd.sock
clamav clamd 65010 106 stream/var/run/clamav/clamd.sock
clamav clamd 65010 108 stream/var/run/clamav/clamd.sock
clamav clamd 65010 110 stream/var/run/clamav/clamd.sock
clamav clamd 65010 112 stream/var/run/clamav/clamd.sock
clamav clamd 65010 114 stream/var/run/clamav/clamd.sock
clamav clamd 65010 116 stream/var/run/clamav/clamd.sock
clamav clamd 65010 118 stream/var/run/clamav/clamd.sock
clamav clamd 65010 120 stream/var/run/clamav/clamd.sock
clamav clamd 65010 122 stream/var/run/clamav/clamd.sock
clamav clamd 65010 124 stream/var/run/clamav/clamd.sock
clamav clamd 65010 126 stream/var/run/clamav/clamd.sock
clamav clamd 65010 128 stream/var/run/clamav/clamd.sock
clamav clamd 65010 130 stream/var/run/clamav/clamd.sock
clamav clamd 65010 132 stream/var/run/clamav/clamd.sock
clamav clamd 65010 134 stream/var/run/clamav/clamd.sock
clamav clamd 65010 136 stream/var/run/clamav/clamd.sock
clamav clamd 65010 138 stream/var/run/clamav/clamd.sock
clamav clamd 65010 140 stream/var/run/clamav/clamd.sock
clamav clamd 65010 142 stream/var/run/clamav/clamd.sock
clamav clamd 65010 144 stream/var/run/clamav/clamd.sock
clamav clamd 65010 146 stream/var/run/clamav/clamd.sock
clamav clamd 65010 148 stream/var/run/clamav/clamd.sock
clamav clamd 65010 150 stream/var/run/clamav/clamd.sock
clamav clamd 65010 152 stream/var/run/clamav/clamd.sock
clamav clamd 65010 154 stream/var/run/clamav/clamd.sock
clamav clamd 65010 156 stream/var/run/clamav/clamd.sock
clamav clamd 65010 158 stream/var/run/clamav/clamd.sock
clamav clamd 65010 160 stream/var/run/clamav/clamd.sock
clamav clamd 65010 162 stream/var/run/clamav/clamd.sock
clamav clamd 65010 164 stream/var/run/clamav/clamd.sock
clamav clamd 65010 166 stream/var/run/clamav/clamd.sock
clamav clamd 65010 168 stream/var/run/clamav/clamd.sock
clamav clamd 65010 170 stream/var/run/clamav/clamd.sock
clamav clamd 65010 172 stream/var/run/clamav/clamd.sock
clamav clamd 65010 174 stream/var/run/clamav/clamd.sock
clamav clamd 65010 176 stream/var/run/clamav/clamd.sock
clamav clamd 65010 178 stream/var/run/clamav/clamd.sock
clamav clamd 65010 180 stream/var/run/clamav/clamd.sock
clamav clamd 65010 182 stream/var/run/clamav/clamd.sock
clamav clamd 65010 184 stream/var/run/clamav/clamd.sock
clamav clamd 65010 186 stream/var/run/clamav/clamd.sock
clamav clamd 65010 188 stream/var/run/clamav/clamd.sock
clamav clamd 65010 190 stream/var/run/clamav/clamd.sock
clamav clamd 65010 192 stream/var/run/clamav/clamd.sock
clamav clamd 65010 194 stream/var/run/clamav/clamd.sock
clamav clamd 65010 196 stream/var/run/clamav/clamd.sock
clamav clamd 65010 198 stream/var/run/clamav/clamd.sock
clamav clamd 65010 200 stream/var/run/clamav/clamd.sock
clamav clamd 65010 202 stream/var/run/clamav/clamd.sock
clamav clamd 65010 204 stream/var/run/clamav/clamd.sock
clamav clamd 65010 206 stream/var/run/clamav/clamd.sock
clamav clamd 65010 208 stream/var/run/clamav/clamd.sock
clamav clamd 65010 210 stream/var/run/clamav/clamd.sock
clamav clamd 65010 212 stream/var/run/clamav/clamd.sock
clamav clamd 65010 214 stream/var/run/clamav/clamd.sock
clamav clamd 65010 216 stream/var/run/clamav/clamd.sock
clamav clamd 65010 218 stream/var/run/clamav/clamd.sock
clamav clamd 65010 220 stream/var/run/clamav/clamd.sock
clamav clamd 65010 222 stream/var/run/clamav/clamd.sock
clamav clamd 65010 224 stream/var/run/clamav/clamd.sock
clamav clamd 65010 226 stream/var/run/clamav/clamd.sock
clamav clamd 65010 228 stream/var/run/clamav/clamd.sock
clamav clamd 65010 230 stream/var/run/clamav/clamd.sock
clamav clamd 65010 232 stream/var/run/clamav/clamd.sock
clamav clamd 65010 234 stream/var/run/clamav/clamd.sock
clamav clamd 65010 236 stream/var/run/clamav/clamd.sock
clamav clamd 65010 238 stream/var/run/clamav/clamd.sock
clamav clamd 65010 240 stream/var/run/clamav/clamd.sock
clamav clamd 65010 242 stream/var/run/clamav/clamd.sock
clamav clamd 65010 244 stream/var/run/clamav/clamd.sock
clamav clamd 65010 246 stream/var/run/clamav/clamd.sock
clamav clamd 65010 248 stream/var/run/clamav/clamd.sock
clamav clamd 65010 250 stream/var/run/clamav/clamd.sock
clamav clamd 65010 252 stream/var/run/clamav/clamd.sock
clamav clamd 65010 254 stream/var/run/clamav/clamd.sock
clamav clamd 65010 256 stream/var/run/clamav/clamd.sock
clamav clamd 65010 258 stream/var/run/clamav/clamd.sock
clamav clamd 65010 260 stream/var/run/clamav/clamd.sock
clamav clamd 65010 261 stream/var/run/clamav/clamd.sock
clamav clamd 65010 267 stream/var/run/clamav/clamd.sock
clamav clamd 65010 269 stream/var/run/clamav/clamd.sock
clamav clamd 65010 271 stream/var/run/clamav/clamd.sock
clamav clamd 65010 273 stream/var/run/clamav/clamd.sock
clamav clamd 65010 274 stream/var/run/clamav/clamd.sock
clamav clamd 65010 275 stream/var/run/clamav/clamd.sock
clamav clamd 65010 276 stream/var/run/clamav/clamd.sock
clamav clamd 65010 278 stream/var/run/clamav/clamd.sock
clamav clamd 65010 280 stream/var/run/clamav/clamd.sock
clamav clamd 65010 282 stream/var/run/clamav/clamd.sock
clamav clamd 65010 284 stream/var/run/clamav/clamd.sock
clamav clamd 65010 286 stream/var/run/clamav/clamd.sock
clamav clamd 65010 288 stream/var/run/clamav/clamd.sock
clamav clamd 65010 290 stream/var/run/clamav/clamd.sock
clamav clamd 65010 292 stream/var/run/clamav/clamd.sock
clamav clamd 65010 294 stream/var/run/clamav/clamd.sock
clamav clamd 65010 296 stream/var/run/clamav/clamd.sock
clamav clamd 65010 298 stream/var/run/clamav/clamd.sock
clamav clamd 65010 300 stream/var/run/clamav/clamd.sock
clamav clamd 65010 302 stream/var/run/clamav/clamd.sock
clamav clamd 65010 304 stream/var/run/clamav/clamd.sock
clamav clamd 65010 306 stream/var/run/clamav/clamd.sock
clamav clamd 65010 308 stream/var/run/clamav/clamd.sock
clamav clamd 65010 310 stream/var/run/clamav/clamd.sock
clamav clamd 65010 312 stream/var/run/clamav/clamd.sock
clamav clamd 65010 314 stream/var/run/clamav/clamd.sock
clamav clamd 65010 316 stream/var/run/clamav/clamd.sock
clamav clamd 65010 318 stream/var/run/clamav/clamd.sock
clamav clamd 65010 320 stream/var/run/clamav/clamd.sock
clamav clamd 65010 322 stream/var/run/clamav/clamd.sock
clamav clamd 65010 324 stream/var/run/clamav/clamd.sock
clamav clamd 65010 326 stream/var/run/clamav/clamd.sock
clamav clamd 65010 328 stream/var/run/clamav/clamd.sock
clamav clamd 65010 330 stream/var/run/clamav/clamd.sock
clamav clamd 65010 332 stream/var/run/clamav/clamd.sock
clamav clamd 65010 334 stream/var/run/clamav/clamd.sock
clamav clamd 65010 336 stream/var/run/clamav/clamd.sock
clamav clamd 65010 338 stream/var/run/clamav/clamd.sock
clamav clamd 65010 340 stream/var/run/clamav/clamd.sock
clamav clamd 65010 342 stream/var/run/clamav/clamd.sock
clamav clamd 65010 344 stream/var/run/clamav/clamd.sock
clamav clamd 65010 346 stream/var/run/clamav/clamd.sock
clamav clamd 65010 348 stream/var/run/clamav/clamd.sock
clamav clamd 65010 350 stream/var/run/clamav/clamd.sock
clamav clamd 65010 352 stream/var/run/clamav/clamd.sock
clamav clamd 65010 354 stream/var/run/clamav/clamd.sock
clamav clamd 65010 356 stream/var/run/clamav/clamd.sock
clamav clamd 65010 358 stream/var/run/clamav/clamd.sock
clamav clamd 65010 360 stream/var/run/clamav/clamd.sock
clamav clamd 65010 362 stream/var/run/clamav/clamd.sock
clamav clamd 65010 364 stream/var/run/clamav/clamd.sock
clamav clamd 65010 366 stream/var/run/clamav/clamd.sock
clamav clamd 65010 368 stream/var/run/clamav/clamd.sock
clamav clamd 65010 370 stream/var/run/clamav/clamd.sock
clamav clamd 65010 372 stream/var/run/clamav/clamd.sock
clamav clamd 65010 374 stream/var/run/clamav/clamd.sock
clamav clamd 65010 376 stream/var/run/clamav/clamd.sock
clamav clamd 65010 378 stream/var/run/clamav/clamd.sock
clamav clamd 65010 380 stream/var/run/clamav/clamd.sock
clamav clamd 65010 382 stream/var/run/clamav/clamd.sock
clamav clamd 65010 384 stream/var/run/clamav/clamd.sock
clamav clamd 65010 386 stream/var/run/clamav/clamd.sock
clamav clamd 65010 388 stream/var/run/clamav/clamd.sock
clamav clamd 65010 390 stream/var/run/clamav/clamd.sock
clamav clamd 65010 392 stream/var/run/clamav/clamd.sock
clamav clamd 65010 394 stream/var/run/clamav/clamd.sock
clamav clamd 65010 396 stream/var/run/clamav/clamd.sock
clamav clamd 65010 398 stream/var/run/clamav/clamd.sock
clamav clamd 65010 400 stream/var/run/clamav/clamd.sock
clamav clamd 65010 402 stream/var/run/clamav/clamd.sock
clamav clamd 65010 404 stream/var/run/clamav/clamd.sock
clamav clamd 65010 406 stream/var/run/clamav/clamd.sock
clamav clamd 65010 408 stream/var/run/clamav/clamd.sock
clamav clamd 65010 410 stream/var/run/clamav/clamd.sock
clamav clamd 65010 412 stream/var/run/clamav/clamd.sock
clamav clamd 65010 414 stream/var/run/clamav/clamd.sock
clamav clamd 65010 416 stream/var/run/clamav/clamd.sock
clamav clamd 65010 417 stream/var/run/clamav/clamd.sock
clamav clamd 65010 420 stream/var/run/clamav/clamd.sock
clamav clamd 65010 422 stream/var/run/clamav/clamd.sock
clamav clamd 65010 424 stream/var/run/clamav/clamd.sock
clamav clamd 65010 426 stream/var/run/clamav/clamd.sock
clamav clamd 65010 428 stream/var/run/clamav/clamd.sock
clamav clamd 65010 430 stream/var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sock
? ? ? ? stream /var/run/clamav/clamd.sockI've reinstalled clamd as well as clamav-unofficial-sigs to no avail.
Code:
# cat /boot/loader.conf
zfs_load="YES"
autoboot_delay="5" # reduce boot menu delay from 10 to 5 seconds
kern.geom.label.disk_ident.enable="0"
kern.geom.label.gptid.enable="0"
kern.geom.label.ufsid.enable="0" # Disable the auto-generated UFS UUIDs for filesystems
#geom_eli_load="YES"
geom_label_load="YES"
#geom_mirror_load="YES"
geom_part_gpt_load="YES"
# allow up to 32GB of swapfile
kern.maxswzone="83886080"
Code:
# cat /etc/sysctl.conf
# $FreeBSD: releng/12.0/sbin/sysctl/sysctl.conf 337624 2018-08-11 13:28:03Z brd $
#
# This file is read when going to multi-user and its contents piped thru
# ``sysctl'' to adjust kernel values. ``man 5 sysctl.conf'' for details.
#
# Uncomment this to prevent users from seeing information about processes that
# are being run under another UID.
#security.bsd.see_other_uids=0
kern.ipc.somaxconn=2048
# HardenedBSD and DoS mitigation
#
hw.kbd.keymap_restrict_change=4 # disallow keymap changes for non-privileged users (default 0)
kern.ipc.shm_use_phys=1 # lock shared memory into RAM and prevent it from being paged out to swap (default 0, disabled)
kern.msgbuf_show_timestamp=1 # display timestamp in msgbuf (default 0)
kern.randompid=1 # calculate PIDs by the modulus of an integer, set to one(1) to auto random (default 0)
net.bpf.optimize_writers=1 # bpf is write-only unless program explicitly specifies the read filter (default 0)
net.inet.icmp.drop_redirect=1 # no redirected ICMP packets (default 0)
net.inet.ip.check_interface=1 # verify packet arrives on correct interface (default 0)
net.inet.ip.portrange.first=1024 # use ports 1024 to portrange.last for outgoing connections (default 10000)
net.inet.ip.portrange.randomcps=9999 # use random port allocation if less than this many ports per second are allocated (default 10)
net.inet.ip.portrange.randomtime=1 # seconds to use sequental port allocation before switching back to random (default 45 secs)
net.inet.ip.random_id=1 # assign a random IP id to each packet leaving the system (default 0)
net.inet.ip.redirect=0 # do not send IP redirects (default 1)
net.inet.sctp.blackhole=2 # drop stcp packets destined for closed ports (default 0)
net.inet.tcp.blackhole=2 # drop tcp packets destined for closed ports (default 0)
net.inet.tcp.drop_synfin=1 # SYN/FIN packets get dropped on initial connection (default 0)
net.inet.tcp.ecn.enable=0 # Explicit Congestion Notification disabled unless proper active queue management is verified (default 2)
net.inet.tcp.fast_finwait2_recycle=1 # recycle FIN/WAIT states quickly, helps against DoS, but may cause false RST (default 0)
net.inet.tcp.finwait2_timeout=1000 # TCP FIN_WAIT_2 timeout waiting for client FIN packet before state close (default 60000, 60 sec)
net.inet.tcp.icmp_may_rst=0 # icmp may not send RST to avoid spoofed icmp/udp floods (default 1)
net.inet.tcp.keepcnt=3 # amount of tcp keep alive probe failures before socket is forced closed (default 8)
net.inet.tcp.keepidle=62000 # time before starting tcp keep alive probes on an idle, TCP connection (default 7200000, 7200 secs)
net.inet.tcp.keepinit=5000 # tcp keep alive client reply timeout (default 75000, 75 secs)
net.inet.tcp.msl=2500 # Maximum Segment Lifetime, time the connection spends in TIME_WAIT state (default 30000, 2*MSL = 60 sec)
net.inet.tcp.path_mtu_discovery=0 # disable for mtu=1500 as most hosts drop ICMP type 3 packets, but keep enabled for mtu=9000 (default 1)
net.inet.udp.blackhole=1 # drop udp packets destined for closed sockets (default 0)
security.bsd.hardlink_check_gid=1 # unprivileged processes may not create hard links to files owned by other groups, DISABLE WITH Mailman (default 0)
security.bsd.hardlink_check_uid=1 # unprivileged processes may not create hard links to files owned by other users, DISABLE WITH Mailman (default 0)
security.bsd.see_other_gids=0 # groups only see their own processes. root can see all (default 1)
security.bsd.see_other_uids=0 # users only see their own processes. root can see all (default 1)
security.bsd.stack_guard_page=1 # insert a stack guard page ahead of growable segments, stack smashing protection (SSP) (default 0)
security.bsd.unprivileged_proc_debug=0 # unprivileged processes may not use process debugging (default 1)
security.bsd.unprivileged_read_msgbuf=0 # unprivileged processes may not read the kernel message buffer (default 1)This strange phenomenon started, I believe, after I had upgraded FreeBSD on this machine to 12.0-RELEASE-p8 from p7 last Friday. This server has been running as our mail relay for several years and I have not experienced this issue until recently. Is this due to changes in 12.0-RELEASE-p8???
~Doug