On 1/25/2012 9:05 PM, Noel Jones wrote: > On 1/25/2012 7:27 PM, Wietse Venema wrote: >> Apparently, FreeBSD packet filters can return an EPERM error >> when a packet does not match a valid state. >> ... >> So that could explain the EPERM (which has errno of 1). >> >> Wietse > > > OK, that server is using pf. The error doesn't seem to be causing > any ill effects, so I'll just ignore it. > > Thanks for your time on this. > > -- Noel Jones
As I examine my foot and the smoking gun in my hand, I now realize this is self-inflicted by a fail2ban rule that auto-blocks persistent offenders. The last couple days this seems to be causing the "Operation not permitted" on 10%~20% of the fail2ban blocks. Prior to that, one error recorded in the easily available 30 days or so. I'll attribute the apparent change to new bot behavior (faster? slower? meh.), which is of no particular interest here. Case closed. Nothing interesting here, folks. Move along. -- Noel Jones
