On 18/10/2012 09:03, Briongos Caballero, Sergio wrote:
Hello, I have in production server an installation with policyd and I'm getting this warnings in cbpolicyd.log:[2012/10/18-08:44:19 - 4597] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33086, Local: 127.0.0.1:10031[2012/10/18-08:47:39 - 4615] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33103, Local: 127.0.0.1:10031[2012/10/18-08:47:41 - 4627] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33090, Local: 127.0.0.1:10031[2012/10/18-08:49:03 - 4661] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33113, Local: 127.0.0.1:10031[2012/10/18-08:49:24 - 4614] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33101, Local: 127.0.0.1:10031[2012/10/18-08:51:19 - 4593] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33080, Local: 127.0.0.1:10031[2012/10/18-08:51:30 - 4647] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33104, Local: 127.0.0.1:10031[2012/10/18-08:51:36 - 4597] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33135, Local: 127.0.0.1:10031[2012/10/18-08:53:34 - 4604] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33105, Local: 127.0.0.1:10031[2012/10/18-08:54:08 - 4659] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33112, Local: 127.0.0.1:10031[2012/10/18-08:54:43 - 4622] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33083, Local: 127.0.0.1:10031[2012/10/18-08:54:43 - 4777] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33247, Local: 127.0.0.1:10031[2012/10/18-08:55:38 - 4810] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33264, Local: 127.0.0.1:10031[2012/10/18-08:55:51 - 4637] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33096, Local: 127.0.0.1:10031[2012/10/18-08:56:04 - 4604] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33429, Local: 127.0.0.1:10031[2012/10/18-08:56:30 - 4633] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33093, Local: 127.0.0.1:10031[2012/10/18-08:56:32 - 4621] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33087, Local: 127.0.0.1:10031[2012/10/18-08:57:06 - 4706] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33161, Local: 127.0.0.1:10031[2012/10/18-08:57:08 - 4601] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33091, Local: 127.0.0.1:10031[2012/10/18-08:57:08 - 4608] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33084, Local: 127.0.0.1:10031[2012/10/18-08:57:50 - 4633] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33497, Local: 127.0.0.1:10031[2012/10/18-08:58:22 - 4598] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33088, Local: 127.0.0.1:10031[2012/10/18-08:58:51 - 4683] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33142, Local: 127.0.0.1:10031[2012/10/18-08:59:14 - 4625] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33106, Local: 127.0.0.1:10031[2012/10/18-09:00:48 - 4651] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33109, Local: 127.0.0.1:10031[2012/10/18-09:00:49 - 4649] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33107, Local: 127.0.0.1:10031[2012/10/18-09:00:50 - 4654] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33108, Local: 127.0.0.1:10031[2012/10/18-09:01:00 - 4672] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33114, Local: 127.0.0.1:10031[2012/10/18-09:01:42 - 4611] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33098, Local: 127.0.0.1:10031[2012/10/18-09:02:04 - 4602] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33081, Local: 127.0.0.1:10031[2012/10/18-09:02:10 - 4617] [CBPOLICYD] WARNING: Client closed connection => Peer: 127.0.0.1:33097, Local: 127.0.0.1:10031I don't know if these warnings are really important.My server is a vmware virtual machine with CentOS release 5.7 (Final) 32bits, perl v5.8.8, Postfix 2.3.3 and cluebringer-2.0.12Memory usage: total used free shared buffers cached Mem: 2075012 1298416 776596 0 157280 492272 -/+ buffers/cache: 648864 1426148 Swap: 4128760 72 4128688 My cluebringer.conf is: # # Server configuration # [server] # Protocols to load protocols=<<EOT Postfix Bizanga EOT # Modules to load modules=<<EOT Core #AccessControl #CheckHelo #CheckSPF #Greylisting Quotas EOT # User to run this daemon as user=cluebringer group=cluebringer # Filename to store pid of parent process #pid_file=/var/run/cbpolicyd.pid# Uncommenting the below option will prevent cbpolicyd going into the background#background=no # Preforking configuration # # min_server - Minimum servers to keep around # min_spare_servers - Minimum spare servers to keep around ready to # handle requests# max_spare_servers - Maximum spare servers to have around doing nothing# max_servers - Maximum servers alltogether # max_requests - Maximum number of requests each child will serve # # One may want to use the following as a rough guideline... # Small mailserver: 2, 2, 4, 10, 1000 # Medium mailserver: 4, 4, 12, 25, 1000 # Large mailserver: 8, 8, 16, 64, 1000 # #min_servers=4 #min_spare_servers=4 #max_spare_servers=12 #max_servers=25 #max_requests=1000 min_servers=16 min_spare_servers=16 max_spare_servers=32 max_servers=128 max_requests=2000 # Log level: # 0 - Errors only # 1 - Warnings and errors # 2 - Notices, warnings, errors # 3 - Info, notices, warnings, errors # 4 - Debugging log_level=2 # File to log to instead of stdout log_file=/var/log/cbpolicyd.log # Log destination for mail logs...# main - Default. Log to policyd's main log mechanism, accepts NO args# syslog - log mail via syslog # format: log_mail=facility@method,args # # Valid methods for syslog: # native - Let Sys::Syslog decide # unix - Unix socket # udp - UDP socket # stream - Stream (for Solaris) # # Example: unix native #log_mail=mail@syslog:native # # Example: unix socket #log_mail=mail@syslog:unix # # Example: udp#log_mail=mail@syslog:udp,127.0.0.1 <mailto:#log_mail=mail@syslog:udp,127.0.0.1># # Example: Solaris #log_mail=local0@syslog:stream,/dev/log # log_mail=maillog # Things to log in extreme detail # modules - Log detailed module running information # tracking - Log detailed tracking information # policies - Log policy resolution # protocols - Log general protocol info, but detailed # bizanga - Log the bizanga protocol # # There is no default for this configuration option. Options can be # separated by commas. ie. protocols,modules # #log_detail= log_detail=protocols,modules,policies,tracking,bizanga # IP to listen on, * for all #host=* # Port to run on #port=10031 # Timeout in communication with clients #timeout=120 # cidr_allow/cidr_deny # Comma, whitespace or semi-colon separated. Contains a CIDR block to # compare the clients IP to. If cidr_allow or cidr_deny options are # given, the incoming client must match a cidr_allow and not match a # cidr_deny or the client connection will be closed. #cidr_allow=0.0.0.0/0 #cidr_deny= [database] #DSN=DBI:SQLite:dbname=policyd.sqlite #DSN=DBI:mysql:database=policyd;host=localhost #Username=root #Password= # DSN=DBI:mysql:database=policyd;host=localhost Username=policyd Password=xxxxxxxxxxxxxxxxxxx # What do we do when we have a database connection problem # tempfail - Return temporary failure # pass - Return success bypass_mode=pass # How many seconds before we retry a DB connection bypass_timeout=30 # Access Control module [AccessControl] enable=0 # Greylisting module [Greylisting] enable=0 # CheckHelo module [CheckHelo] enable=0 # CheckSPF module [CheckSPF] enable=0 # Quotas module [Quotas] enable=1
These don't appear serious at all. I"m hoping to have the next stable version out soon, you should see less of the above messages then.
One thing to check for is any errors in your Postfix logs concerning the policy checks.
-N
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users_lists.policyd.org
