connect(): Operation not permitted

[Johan Ström]

Hello

I got a FreeBSD 7 machine running mail services (among other things).  
This machine recently replaced a FreeBSD 6.2 machine doing the same  
tasks.
Now and then I need to send alot of mail to customers (mailing list),  
and one thing i've noticed now after the change is that when I use a  
lot of connections subsequently (high connection rate, even if they  
are very shortlived) inside a jail (dunno if that has anything to do  
with it though), I start to get Operation not permitted in return to  
connect().
I've seen this in the PHP app that sends mail, when it tried to  
connect to localhost, as well as from postfix when it have been trying  
to connect to amavisd on localhost, but also from postfix when it has  
tried to connect to remote SMTP servers.

I do have PF for filtering, but there are no max-src-conn-rate limits  
enabled for any rules that is used for this. However, from one of the  
jail I do have a hfsc queue limiting the outgoing mail traffic from  
one jailed IP. But I'm not sure that this would be the problem, since  
I've also seen the problem when doing localhost connects in the jail,  
and also in other jails on an entierly different IP that is not  
affected.

Does anyone have any clues about what I can look at and tune to fix  
this?

Thanks!

--
Johan Ström
Stromnet
johan at stromnet.se
http://www.stromnet.se/