Strange firewall entries
Hi.
I am trying to establish how the following entry came to appear on my log.
Eolukserver01a ipfw: limit 1 reached on entry 1270
Aug 15 12:43:41 Eolukserver01a ipfw: 12301 Accept UDP 192.168.64.129:50640 255.255.255.255:137 out via en0
Aug 15 12:43:41 Eolukserver01a ipfw: limit 1 reached on entry 12301
There is no reason i can think of why my server should be looking to use 255.255.255.255.137
if anyone can give some insight i would be grateful, i believe the entry is VPN related, and im not sure it is legitimate.
Thanks
Simon
Hi there.
Thanks for taking the time to respond.
Well i agree in principal, that your suggestion would be a relevant reason were it true.
Trouble is i am definately NOT providing windows services and there is no way that any netbios got near the machine, at least not by conventional means.
I notice that port 427 is used as well, it does appear that that the machine is deciding to make these communications, and in themselves they are not worrying.
Firewall seems a black art.
It would be useful to know which processes implemeted the packets, to establish wether they are a cause for concern.
Similar Messages
-
following log entry on a WLC5508 (7.4.100.0) is permanentely filling up the log buffer and the WLC operates in low performance.
*spamApTask7: Oct 29 10:08:13.114: #LWAPP-3-DUP_AP_IP: spam_lrad.c:33673 Duplicate IP address detected for AP APb0fa.eb3d.8b4f, IP address of AP 0.2.146.0, this is a duplicate of IP on another machine (MAC address 4:ba:53:e0: 0: 0)
*spamApTask0: Oct 29 10:08:04.478: #LWAPP-3-DUP_AP_IP: spam_lrad.c:33673 Duplicate IP address detected for AP APb0fa.ebb8.de74, IP address of AP 0.2.146.0, this is a duplicate of IP on another machine (MAC address 4:b9:c8: 0: 0: 0)
*spamApTask7: Oct 29 10:07:43.113: #LWAPP-3-DUP_AP_IP: spam_lrad.c:33673 Duplicate IP address detected for AP APb0fa.eb3d.8b4f, IP address of AP 0.2.146.0, this is a duplicate of IP on another machine (MAC address 4:ba:53:e0: 0: 0)
*spamApTask0: Oct 29 10:07:34.477: #LWAPP-3-DUP_AP_IP: spam_lrad.c:33673 Duplicate IP address detected for AP APb0fa.ebb8.de74, IP address of AP 0.2.146.0, this is a duplicate of IP on another machine (MAC address 4:b9:c8: 0: 0: 0)
Has somebody an idea what the issue is or can be? Or has it been monitored from someone else on other installations as well?
Both AP's does have different IP adresses from DHCP server x.y.z.248 and x.y.z.249. WLC is working as internal DHCP server. DHCP proxy is disabled. From what could this strange address 0.2.146.0 come from? I've never seen such an address like 0.2.146.0
I would like to appriciate any kind of help or suggestions
thanks a lot
KlausThis is another common issue that is seen when the AP tries to join the WLC. You might see this error message when the AP tries to join the controller.
No more AP manager IP addresses remain
One of the reasons for this error message is when there is a duplicate IP address on the network that matches the AP manager IP address. In such a case, the LAP keeps power cycling and cannot join the controller.
The debugs will show that the WLC receives LWAPP discovery requests from the APs and transmits a LWAPP discovery response to the APs. However, WLCs do not receive LWAPP join requests from the APs.
In order to troubleshoot this issue, ping the AP manager from a wired host on the same IP subnet as the AP manager. Then, check the ARP cache. If a duplicate IP address is found, remove the device with the duplicate IP address or change the IP address on the device so that it has a unique IP address on the network.
The AP can then join the WLC. -
Why are there so many firewall entries?
I know the firewall is doing its job by blocking these IP addresses. But how do they even get my I.P?
I have searched a few of these I.Ps and all of them have been reported for hacking.
Also, on my laptop. I have Avast! Free and Windows Firewall enabled. The BT Home Hub 5 firewall is also enabled. If I disable Windows Firewall, is the home hub firewall suffient enough?
Here are some samples
20:29:09, 16 Aug.
BLOCKED 1 more packets (because of Remote administration)
00:41:24, 17 Aug.
IN: BLOCK [16] Remote administration (TCP 60.190.71.52:41475->86.151.145.37:22 on ppp3)
These entries are actually scary to see!The Homehub firewall is doing its job. I would leave the Windows Firewall running. I would only stop it if you have another software firewall installed on your computer.
The router one stops attacks to your network from the Internet while the Windows one or a replacement on your computer, prevents anything on your computer accessing the Internet without permission as well as blocking attacks from the Internet. -
I have a rather strange question (or maybe it's not).
I was putting some entries into iCal for the first time on my brand new Macbook, and found 2 entries already in there: 'Pad Lock' in the ToDo list, and 'Massage' on 2nd Nov 2005 in the Calender.
Is this normal, or is my new Macbook not as new as I think it is?
Apologies if this is a silly question, and they're example entries or somethingIgnore the above, I was being very stupid
The mysterious entries came from my girlfriend's mobile phone, which she had iSync'd with the Macbook!
Thanks -
Virus? Security Question - strange plist entry / task
Hi!
My firewall Little Snitch noticed right after boot an application that tries to connect to a nonsense url, something like sdfsfjkhewsdfe.com.
The process is named ".smgr" and is located within user/Library.
The process is started by user/Library/LaunchAgents/com.apple.manager.plist
Does anybody knows about this .smgr task? Or can I get anymore info when examining other files?
Thanks in advance!
com.apple.manager.plist reads:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict><key>Label</key>
<string>com.apple.manager</string>
<key>ProgramArguments</key>
<array>
<string>/Users/matt/.smgr</string>
</array><key>RunAtLoad</key>
<true/>
<key>StartInterval</key>
<integer>3712</integer>
<key>StandardErrorPath</key>
<string>/dev/null</string>
<key>StandardOutPath</key>
<string>/dev/null</string>
</dict>
</plist>
I analysed the task and got:
Sampling process 170 for 3 seconds with 1 millisecond of run time between samples
Sampling completed, processing symbols...
Analysis of sampling .smgr (pid 170) every 1 millisecond
Process: .smgr [170]
Path: /Users/matt/.smgr
Load Address: 0x100000000
Identifier: .smgr
Version: ??? (???)
Code Type: X86-64 (Native)
Parent Process: launchd [127]
Date/Time: 2012-04-04 14:44:42.359 +0200
OS Version: Mac OS X 10.6.8 (10K549)
Report Version: 6
Call graph:
2878 Thread_1248 DispatchQueue_1: com.apple.main-thread (serial)
2878 0x100000ca4
2878 0x100002468
2878 0x100000e3b
2878 CFReadStreamRead
2878 HTTPReadStream::streamRead(__CFReadStream*, unsigned char*, long, CFStreamError*, unsigned char*)
2878 CFReadStreamRead
2878 HTTPNetStreamInfo::streamRead(__CFReadStream*, unsigned char*, long, CFStreamError*, unsigned char*)
2878 CFRunLoopRunSpecific
2878 __CFRunLoopRun
2878 __CFMachPortPerform
2878 _GetAddrInfoMachPortCallBack(__CFMachPort*, void*, long, void*)
2878 getaddrinfo_async_handle_reply
2878 si_async_handle_reply
2878 si_libinfo_addrinfo_callback
2878 HostLookup_Master::getAddrInfoCallback(int, addrinfo*)
2878 Host::performCallback(InheritEnum<_ExtendedHostInfoType, CFHostInfoType>)
2878 SocketStream::_HostCallBack(__CFHost*, CFHostInfoType, CFStreamError const*, SocketStream*)
2878 SocketStream::hostCallback(__CFHost*, CFHostInfoType, CFStreamError const*)
2878 SocketStream::attemptNextConnection_NoLock()
2878 SocketStream::connect_NoLock(__CFData const*)
2878 CFSocketConnectToAddress
2878 connect
2878 Thread_1341 DispatchQueue_2: com.apple.libdispatch-manager (serial)
2878 start_wqthread
2878 _pthread_wqthread
2878 _dispatch_worker_thread2
2878 _dispatch_queue_invoke
2878 _dispatch_mgr_invoke
2878 kevent
2878 Thread_1343: com.apple.CFSocket.private
2878 thread_start
2878 _pthread_start
2878 __CFSocketManager
2878 select$DARWIN_EXTSN
Total number in stack (recursive counted multiple, when >=5):
Sort by top of stack, same collapsed (when >= 5):
connect 2878
kevent 2878
select$DARWIN_EXTSN 2878
Binary Images:
0x100000000 - 0x100004ff7 +.smgr ??? (???) <5ED1A761-8E26-02FF-370F-E2BA2720D458> /Users/matt/.smgr
0x100008000 - 0x100008fff +.libgmalloc.dylib ??? (???) <C5C8E257-608E-091E-359F-71200A436282> /Users/Shared/.libgmalloc.dylib
0x7fff5fc00000 - 0x7fff5fc3bdef dyld 132.1 (???) <B536F2F1-9DF1-3B6C-1C2C-9075EA219A06> /usr/lib/dyld
0x7fff80003000 - 0x7fff800bcfff libsqlite3.dylib 9.6.0 (compatibility 9.0.0) <2C5ED312-E646-9ADE-73A9-6199A2A43150> /usr/lib/libsqlite3.dylib
0x7fff80b0c000 - 0x7fff80b1bfff com.apple.NetFS 3.2.2 (3.2.2) <7CCBD70E-BF31-A7A7-DB98-230687773145> /System/Library/Frameworks/NetFS.framework/Versions/A/NetFS
0x7fff80fe0000 - 0x7fff80fe4ff7 libmathCommon.A.dylib 315.0.0 (compatibility 1.0.0) <95718673-FEEE-B6ED-B127-BCDBDB60D4E5> /usr/lib/system/libmathCommon.A.dylib
0x7fff81715000 - 0x7fff81726ff7 libz.1.dylib 1.2.3 (compatibility 1.0.0) <FB5EE53A-0534-0FFA-B2ED-486609433717> /usr/lib/libz.1.dylib
0x7fff818fc000 - 0x7fff81a73fe7 com.apple.CoreFoundation 6.6.6 (550.44) <BB4E5158-E47A-39D3-2561-96CB49FA82D4> /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
0x7fff82a82000 - 0x7fff82ba1fe7 libcrypto.0.9.8.dylib 0.9.8 (compatibility 0.9.8) <14115D29-432B-CF02-6B24-A60CC533A09E> /usr/lib/libcrypto.0.9.8.dylib
0x7fff82baa000 - 0x7fff82baaff7 com.apple.CoreServices 44 (44) <DC7400FB-851E-7B8A-5BF6-6F50094302FB> /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
0x7fff833b6000 - 0x7fff834cdfef libxml2.2.dylib 10.3.0 (compatibility 10.0.0) <1B27AFDD-DF87-2009-170E-C129E1572E8B> /usr/lib/libxml2.2.dylib
0x7fff84164000 - 0x7fff8418fff7 libxslt.1.dylib 3.24.0 (compatibility 3.0.0) <8AB4CA9E-435A-33DA-7041-904BA7FA11D5> /usr/lib/libxslt.1.dylib
0x7fff844e4000 - 0x7fff8459aff7 libobjc.A.dylib 227.0.0 (compatibility 1.0.0) <03140531-3B2D-1EBA-DA7F-E12CC8F63969> /usr/lib/libobjc.A.dylib
0x7fff848b4000 - 0x7fff848feff7 com.apple.Metadata 10.6.3 (507.15) <DE238BE4-5E22-C4D5-CF5C-3D50FDEE4701> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadat a.framework/Versions/A/Metadata
0x7fff85acf000 - 0x7fff85ae5fef libbsm.0.dylib ??? (???) <42D3023A-A1F7-4121-6417-FCC6B51B3E90> /usr/lib/libbsm.0.dylib
0x7fff85ae6000 - 0x7fff85b27fff com.apple.SystemConfiguration 1.10.8 (1.10.2) <78D48D27-A9C4-62CA-2803-D0BBED82855A> /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfi guration
0x7fff8600d000 - 0x7fff86341fef com.apple.CoreServices.CarbonCore 861.39 (861.39) <1386A24D-DD15-5903-057E-4A224FAF580B> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonC ore.framework/Versions/A/CarbonCore
0x7fff86495000 - 0x7fff86653fff libicucore.A.dylib 40.0.0 (compatibility 1.0.0) <4274FC73-A257-3A56-4293-5968F3428854> /usr/lib/libicucore.A.dylib
0x7fff86654000 - 0x7fff8668ffff com.apple.AE 496.5 (496.5) <208DF391-4DE6-81ED-C697-14A2930D1BC6> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/AE.fram ework/Versions/A/AE
0x7fff86690000 - 0x7fff866f0fe7 com.apple.framework.IOKit 2.0 (???) <4F071EF0-8260-01E9-C641-830E582FA416> /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
0x7fff866f1000 - 0x7fff86719fff com.apple.DictionaryServices 1.1.2 (1.1.2) <E9269069-93FA-2B71-F9BA-FDDD23C4A65E> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Diction aryServices.framework/Versions/A/DictionaryServices
0x7fff8674f000 - 0x7fff869d9fe7 com.apple.security 6.1.2 (55002) <FD0B5AD4-74DB-7ED8-90D3-6EC56FFA8557> /System/Library/Frameworks/Security.framework/Versions/A/Security
0x7fff86a04000 - 0x7fff86aa4fff com.apple.LaunchServices 362.3 (362.3) <B90B7C31-FEF8-3C26-BFB3-D8A48BD2C0DA> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchS ervices.framework/Versions/A/LaunchServices
0x7fff86c16000 - 0x7fff86dd7fef libSystem.B.dylib 125.2.11 (compatibility 1.0.0) <9AB4F1D1-89DC-0E8A-DC8E-A4FE4D69DB69> /usr/lib/libSystem.B.dylib
0x7fff86dd8000 - 0x7fff86e68fff com.apple.SearchKit 1.3.0 (1.3.0) <4175DC31-1506-228A-08FD-C704AC9DF642> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchK it.framework/Versions/A/SearchKit
0x7fff87652000 - 0x7fff87658ff7 com.apple.DiskArbitration 2.3 (2.3) <857F6E43-1EF4-7D53-351B-10DE0A8F992A> /System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration
0x7fff88799000 - 0x7fff88816fef libstdc++.6.dylib 7.9.0 (compatibility 7.0.0) <35ECA411-2C08-FD7D-11B1-1B7A04921A5C> /usr/lib/libstdc++.6.dylib
0x7fff88817000 - 0x7fff88818ff7 com.apple.TrustEvaluationAgent 1.1 (1) <74800EE8-C14C-18C9-C208-20BBDB982D40> /System/Library/PrivateFrameworks/TrustEvaluationAgent.framework/Versions/A/Tru stEvaluationAgent
0x7fff88c30000 - 0x7fff88d04fe7 com.apple.CFNetwork 454.12.4 (454.12.4) <C83E2BA1-1818-B3E8-5334-860AD21D1C80> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwo rk.framework/Versions/A/CFNetwork
0x7fff89657000 - 0x7fff89665ff7 libkxld.dylib ??? (???) <8145A534-95CC-9F3C-B78B-AC9898F38C6F> /usr/lib/system/libkxld.dylib
0x7fff898a6000 - 0x7fff898f2fff libauto.dylib ??? (???) <F7221B46-DC4F-3153-CE61-7F52C8C293CF> /usr/lib/libauto.dylib
0x7fff89a66000 - 0x7fff89aa3ff7 libssl.0.9.8.dylib 0.9.8 (compatibility 0.9.8) <F743389F-F25A-A77D-4FCA-D6B01AF2EE6D> /usr/lib/libssl.0.9.8.dylib
0x7fff8a6b5000 - 0x7fff8a772fff com.apple.CoreServices.OSServices 359.2 (359.2) <BBB8888E-18DE-5D09-3C3A-F4C029EC7886> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServi ces.framework/Versions/A/OSServices
0x7fffffe00000 - 0x7fffffe01fff libSystem.B.dylib ??? (???) <9AB4F1D1-89DC-0E8A-DC8E-A4FE4D69DB69> /usr/lib/libSystem.B.dylib
Sample analysis of process 170 written to file /dev/stdoutHi Matt,
Can you send a copy of the following files, preferably in a ZIP file, to [email protected]
/Users/Shared/.libgmalloc.dylib
/Users/matt/.smgr
and:
/Library/LaunchAgents/com.apple.manager.plist
Thank you,
Lysa -
Strange repetitive entry in system log
8/7/11 7:06:10.000 PM kernel: macx_swapon SUCCESS
8/7/11 7:06:11.000 PM kernel: (default pager): [KERNEL]: default_pager_backing_store_monitor - send LO_WAT_ALERT
8/7/11 7:06:11.000 PM kernel: macx_swapoff SUCCESS
8/7/11 7:06:44.000 PM kernel: (default pager): [KERNEL]: default_pager_backing_store_monitor - send LO_WAT_ALERT
8/7/11 7:06:44.000 PM kernel: macx_swapoff FAILED - 2
8/7/11 7:07:17.000 PM kernel: (default pager): [KERNEL]: default_pager_backing_store_monitor - send LO_WAT_ALERT
8/7/11 7:07:17.000 PM kernel: macx_swapoff FAILED - 2
8/7/11 7:07:50.000 PM kernel: (default pager): [KERNEL]: default_pager_backing_store_monitor - send LO_WAT_ALERT
8/7/11 7:07:50.000 PM kernel: macx_swapoff FAILED - 2
Many more identical entries.
Anyone know what it means?
Dan SokolI am running Lion on a Late 2008, 15-Inch MacBook Pro.
Software Mac OS X Lion 10.7 (11A511)
Memory 4 GB 1067 MHz DDR3
Processor 2.4 GHz Intel Core 2 Duo
I have a 500GB disk partitioned and the main startup partition has 47GB free out of 200GB.
I get similar reports to Dan every minute:
8/11/11 11:11:23.000 AM kernel: macx_swapoff FAILED - 2
8/11/11 11:11:56.000 AM kernel: (default pager): [KERNEL]: default_pager_backing_store_monitor - send LO_WAT_ALERT
8/11/11 11:11:56.000 AM kernel: macx_swapoff FAILED - 2
8/11/11 11:12:29.000 AM kernel: (default pager): [KERNEL]: default_pager_backing_store_monitor - send LO_WAT_ALERT
8/11/11 11:12:29.000 AM kernel: macx_swapoff FAILED - 2
8/11/11 11:13:02.000 AM kernel: (default pager): [KERNEL]: default_pager_backing_store_monitor - send LO_WAT_ALERT
8/11/11 11:13:02.000 AM kernel: macx_swapoff FAILED - 2
8/11/11 11:13:36.000 AM kernel: (default pager): [KERNEL]: default_pager_backing_store_monitor - send LO_WAT_ALERT
8/11/11 11:13:36.000 AM kernel: macx_swapoff FAILED - 2
8/11/11 11:14:09.000 AM kernel: (default pager): [KERNEL]: default_pager_backing_store_monitor - send LO_WAT_ALERT
8/11/11 11:14:09.000 AM kernel: macx_swapoff FAILED - 2
8/11/11 11:14:42.000 AM kernel: (default pager): [KERNEL]: default_pager_backing_store_monitor - send LO_WAT_ALERT
8/11/11 11:14:42.000 AM kernel: macx_swapoff FAILED - 2
8/11/11 11:15:15.000 AM kernel: (default pager): [KERNEL]: default_pager_backing_store_monitor - send LO_WAT_ALERT
8/11/11 11:15:15.000 AM kernel: macx_swapoff FAILED - 2
8/11/11 11:15:48.000 AM kernel: (default pager): [KERNEL]: default_pager_backing_store_monitor - send LO_WAT_ALERT
8/11/11 11:15:48.000 AM kernel: macx_swapoff FAILED - 2
This appears when no memory hog programmes are running (only Safari, Activity Monitor and console) with more than 1.5GB of the 4GB memory being reported free in Activity Monitor. I see 725mb of Swap being used - before Lion, swap was always zero for me. Not sure whether this is something I need to worry about - other than the fact that it is cluttering up the logfiles.
Aruna -
Just got a new macbook pro, set up yahoo mail and yahoo instant messenger. While setting up xcode and iphone tools I noticed some certificates in my keychain that were not on my old machine. One is named "Jens Alfke" (apparently a former Apple developer of some fame), another is "[email protected]" (aka Brian Topping, some other developer). Any ideas how these got there?
Ignore the above, I was being very stupid
The mysterious entries came from my girlfriend's mobile phone, which she had iSync'd with the Macbook!
Thanks -
We have about 20 solaris 10u7 installations built from identical templates that run oracle databases with windows 2k3 2k8 front end on dell poweredge servers with Broadcom teamed nics. The problem affects only some connections. dell1 can ping 100% solaris1 but drops packets against solaris2 where dell2 can ping 100% solaris1 but drops packets against solaris2 and dell3 and solaris3 can ping everyone 100%. All the servers are on the same subnet. When the dell box cannot ping the solaris box I run an arp -a on the solaris box and it returns the wrong mac address for the dell box. The mac address can be a duplicate address from another server / gateway. When the mac address is correct the pings return. I have now changed the ip address on one of the solaris boxes and everyones happy for now...... I have tried setting static mac addresses with arp -s but these are overwritten. We are starting to see arp entries for computers no longer on our network.
We have tried to packet sniffing. I do not know how you can get the source from the prying eyes of the ARP I tried to find the information. Just like the firewire device, you need to make sure that your [sata dock station|http://www.espow.com/wholesale-sata-hdd-docking-station-for-mac-support-1394b-1394a-firewire-port.html] is ok, and then we raise all in the same subnet Dell Broadcom hard drivers and firmware of most issues. There is a new Solaris operating system 10u4 hdd dock and Broadcom network card problem. Adhere to the old drivers close rfc86 Solaris version 4.1 does not run upto Broadcom to the same level. We are still looking into more than 2 Boos from the ARP table entry. We think this is Broadcom's problem, not the existence of Solaris seems to be a re-entries on the Internet a lot of the problem.
Edited by: jackdrogba on Apr 1, 2010 12:58 AM -
I am getting numerous entries of this in Console: 7/13/14 2:40:05.000 PM kernel[0]: flow_divert_kctl_disconnect (0): disconnecting group 1
I can't find anything using Google except people with Hackintosh machines are experiencing this problem. Any idea what could be causing this?Hi, thanks for this. Are you saying then that if I want VNC this is just a fact of life or do I have a specific issue?
I don't understand for instance how it was exposed to the internet? Of course VNC is over the internet I understnd that, but it should not be advirtising surely?
I have a ddns account, checked in there, changed passwords etc.
I ran a port scan, none of my ports are open all are slealth and do not respond -
STrange VNC entries in console
Just wondering is something some how has gained access!
I see a fair number of these in console:
04/05/2013 17:11:46.690 screensharingd[464]: Authentication: FAILED :: User Name: N/A :: Viewer Address: 81.16.49.10 :: Type: VNC DES
They all show as failed but wondering what they are, the ip is for somewhere in germany and I am in the UK, so its a bit concerning.Hi, thanks for this. Are you saying then that if I want VNC this is just a fact of life or do I have a specific issue?
I don't understand for instance how it was exposed to the internet? Of course VNC is over the internet I understnd that, but it should not be advirtising surely?
I have a ddns account, checked in there, changed passwords etc.
I ran a port scan, none of my ports are open all are slealth and do not respond -
Strange syslog entries in 10.5.1: mds[/PID/]: (Error) Import: importer fail
Hi all: (first post here
I do get really worrying error messages in my syslog after installing Leopard:
01.01.08 19:44:00 mds[35] (Error) Import: importer:0x87b200 Importer start failed for -2 (kr:268435459 (ipc/send) invalid destination port)
01.01.08 19:44:00 com.apple.launchd[1] (0x10d4e0.mdworker[6295]) getpwuid("4294967294") failed
01.01.08 19:44:00 com.apple.launchd[1] (0x10d4e0.mdworker[6295]) Exited with exit code: 1
01.01.08 19:44:00 com.apple.launchd[1] (0x10d4e0.mdworker) Failed to check-in!
This keeps repeating every 5 seconds - and I really have no clue what that huge UID for mdworker means - or how to change and what to change to make this go away...
Any help or insights really appreciated! TIA!
Best,
Frank DG1SBGIf that didn't work, type this command in the Terminal.app (/Applications/Utilities/), hit the return key, enter your admin password, and hit the return key:
*sudo mdutil -aE*
That will erase each local metadata store for all mounted volumes and rebuild them.
If that doesn't fix things and you want to report this to Apple, send a bug report (or enhancement request) via its Bug Reporter system. Join the Apple Developer Connection (ADC)—it's free and available for all Mac users and gets you a look at some development software. Since you already have an Apple username/ID, use that. Once a member, go to Apple BugReporter and file your bug report/enhancement request. You'll get a get a Bug ID number; thus, starting a dialog directly with engineering. -
Strange log entries (authentication fail) wth Home...
I was idly checking the event log on my Homehub 3B and noticed something odd (to me) under the GUI category. An extract from the log reads...
12:51:50,26 July. HTTP User admin login from 192.168.1.64 successfully.
12:28:26,26 July. HTTP User Basic login from 192.168.1.64 successfully.
13:51:09,25 July. HTTP authentication Fail from 118.113.54.xx
14:36:57,23 July. HTTP authentication Fail from 121.229.212.xxx
14:40:16,22 July. HTTP authentication Fail from 118.114.109.xxx
The successful logins are from myself, on the local network, i.e. http://bthomehub.home/ but what are those Fail messages? A quick check using a port-probing tool http://.grc.com/ shows that all my ports are stealthed so how can anyone be accessing the router and getting as far a receiving an authentification failure response?
Im not alarmed, particulalry, but just intensely curious. Anyone any ideas?I was idly checking the event log on my Homehub 3B and noticed something odd (to me) under the GUI category. An extract from the log reads...
12:51:50,26 July. HTTP User admin login from 192.168.1.64 successfully.
12:28:26,26 July. HTTP User Basic login from 192.168.1.64 successfully.
13:51:09,25 July. HTTP authentication Fail from 118.113.54.xx
14:36:57,23 July. HTTP authentication Fail from 121.229.212.xxx
14:40:16,22 July. HTTP authentication Fail from 118.114.109.xxx
The successful logins are from myself, on the local network, i.e. http://bthomehub.home/ but what are those Fail messages? A quick check using a port-probing tool http://.grc.com/ shows that all my ports are stealthed so how can anyone be accessing the router and getting as far a receiving an authentification failure response?
Im not alarmed, particulalry, but just intensely curious. Anyone any ideas? -
Strange log entries Running hook /usr/lib/pm-utils/power.d/wireless?
On my desktop machine I get this in the logs;
Running hook /usr/lib/pm-utils/power.d/wireless false:
/usr/lib/pm-utils/power.d/wireless false: success.Running hook /usr/lib/pm-utils/power.d/pcie_aspm false:
/usr/lib/pm-utils/power.d/pcie_aspm: line 9: echo: write error: Operation not permitted
/usr/lib/pm-utils/power.d/pcie_aspm false: success.
Running hook /usr/lib/pm-utils/power.d/readahead false:
/usr/lib/pm-utils/power.d/readahead false: success.
Running hook /usr/lib/pm-utils/power.d/sata_alpm false:
/usr/lib/pm-utils/power.d/sata_alpm false: success.
A lot ...
I do not have pm-utils or laptop-mode or pm-powersave installed since it is a desktop machine. The logs doesn't tell where it's coming from and I'd like to stop it.
Last edited by swanson (2012-01-30 15:54:28)I have the same error too: "/usr/lib/pm-utils/power.d/pcie_aspm: line 9: echo: write error: Operazione non permessa".
What is this?
Thank you.
Riccardo -
Custom Made Ties, Bespoke Ties, Seven-fold Tie, Six-fold Tie
...Custom Made Ties, Bespoke Ties, Pocket Squares, Scarves, Shawls,
Thai Silk fabric/> <script language=
www.mulberrywood.com/ - 12k - Cached - Similar pages
Why does Google list in a search result that has my index
page www.mulberrywood.com the following:
<script language=
Did I code something incorrectly, or is this something to do
with Google?Sangdao wrote:
> Custom Made Ties, Bespoke Ties, Seven-fold Tie, Six-fold
Tie
> ...Custom Made Ties, Bespoke Ties, Pocket Squares,
Scarves, Shawls,
> Thai Silk fabric/> <script language=
> www.mulberrywood.com/ - 12k - Cached - Similar pages
>
>
> Why does Google list in a search result that has my
index page
> www.mulberrywood.com the following:
>
> <script language=
>
>
> Did I code something incorrectly
Yes
<meta name="description" content=" Custom Made Ties,
Bespoke Ties, Pocket
Squares, Scarves, Shawls, Thai Silk fabric/>
should be:
<meta name="description" content="Custom Made Ties,
Bespoke Ties, Pocket
Squares, Scarves, Shawls, Thai Silk fabric" />
You have other issues:
http://validator.w3.org/check?uri=http%3A%2F%2Fwww.mulberrywood.com%2F
Thierry
Articles and Tutorials:
http://www.TJKDesign.com/go/?0
The perfect FAQ page:
http://www.TJKDesign.com/go/?9
CSS-P Templates:
http://www.TJKDesign.com/go/?1
CSS Tab Menu:
http://www.TJKDesign.com/go/?3 -
Hi All,
What's causing some work stations to create this strange NAT entry with no protocol defined and no Outside local and Outside global.
core2#sh ip nat trans | inc 172.16.75.139
Pro Inside global Inside local Outside local Outside global
--- 210.15.240.9 172.16.75.139 --- ---
tcp 210.15.240.9:5380 172.16.75.139:5380 61.137.191.125:80 61.137.191.125:80
Any ideas?
Thanks.
AndyHi Roman,
Thanks for the reply.
There is no static nat configured which is why I'm puzzled by that entry.
core2#sh run | inc nat
nat server
nat server
nat server
nat server
nat server
ip nat outside
ip nat inside
ip nat inside
ip nat outside
ip nat inside
ip nat translation timeout 300
ip nat pool NAT-POOL 210.15.240.6 210.15.240.9 netmask 255.255.255.224
ip nat inside source route-map nonat pool NAT-POOL overload
route-map nonat permit 10
That's the whole config and you can see that there is no static nat configured anywhere.
I have a few dhcp clients doing this on the network.
Look for example at the dhcp clients of 172.16.75.23 and 172.16.75.239.
core2#sh ip nat trans
Pro Inside global Inside local Outside local Outside global
tcp 210.15.240.9:1024 172.16.75.239:49796 210.15.254.237:443 210.15.254.237:443
--- 210.15.240.8 172.16.75.23 --- ---
--- 210.15.240.9 172.16.75.239 --- ---
tcp 210.15.240.6:1024 172.16.75.26:49240 207.46.61.90:80 207.46.61.90:80
tcp 210.15.240.6:1025 172.16.75.243:50811 202.45.127.78:993 202.45.127.78:993
tcp 210.15.240.6:1032 172.16.75.232:51226 66.102.11.164:80 66.102.11.164:80
tcp 210.15.240.6:1026 172.16.75.232:51526 72.167.82.19:993 72.167.82.19:993
tcp 210.15.240.6:1027 172.16.75.241:49982 209.85.129.111:993 209.85.129.111:993
tcp 210.15.240.8:54775 172.16.75.23:54775 89.149.236.104:80 89.149.236.104:80
Thanks.
Andy
Maybe you are looking for
-
Is this it or can you call someone
Is this the only help that is offered, or does Apple have a phone number so that you can speak to a human?
-
I have a barcode font, and i am trying to print specific barcodes onto paper. The printing works. When i first tested printing the barcode onto a piece of paper and scanning it it worked. That was by simply taking the Graphics object and using drawSt
-
Can I use my iphone 4GS in the Philippines while on vacation using a local SIM card?
Can I use my iphone 4gs in the Philippines using a local SIM card?
-
CS_BOM_EXPL_MAT_V2 is too slow!
We are using FM CS_BOM_EXPL_MAT_V2 in a report program that needs a fully exploded material BOM for many materials. Users have long complained that it runs too slow. We have identified this FM as the bottleneck. Is there an alternative material BO
-
Hi All, I want to create formula column in apex as in Oracle Forms. I would like to know how (which properties to be set or processes or any thing else) to use the formula and where. For example: Suppose I have two Text Items: As soon as value is ent