From owner-freebsd-jail@freebsd.org  Fri Nov 27 20:26:39 2015
Return-Path: <owner-freebsd-jail@freebsd.org>
Delivered-To: freebsd-jail@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 372C3A3A0E9
 for <freebsd-jail@mailman.ysv.freebsd.org>;
 Fri, 27 Nov 2015 20:26:39 +0000 (UTC)
 (envelope-from purpleritza@gmail.com)
Received: from mail-ob0-x22c.google.com (mail-ob0-x22c.google.com
 [IPv6:2607:f8b0:4003:c01::22c])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id ED87613A6
 for <freebsd-jail@freebsd.org>; Fri, 27 Nov 2015 20:26:38 +0000 (UTC)
 (envelope-from purpleritza@gmail.com)
Received: by obbbj7 with SMTP id bj7so89032193obb.1
 for <freebsd-jail@freebsd.org>; Fri, 27 Nov 2015 12:26:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:from:date:message-id:subject:to:content-type;
 bh=9tqxccf05qtmlLrDxjlckSWE1oZzCRIsPFjKvOL3MpY=;
 b=dn6wNFUrelXivZiHQTEZoDM0nTg35NAnQBldeLIZ+x+mCTt3TYCRrdE+4fmdtKc+sR
 3YkCj32omT7qxaGlsIPxZrZ1iL25EPCsSgaEzQJLaeBmvB7Gs1aBVGrMN173W+ejfeE3
 d0dxq0mKpyu+RKbKToUP9RFs0nRjgJ7jFLnkkNkrElI4frINv19uLVww7Xe0I4RAG8Nd
 svRdoBpGUSGT712zDMyw6y1TvQm4oB5TDVpblf/hOLt2XsNP8dDuTLgz+WyOv4A9QLOI
 YmUZcWK4R/tvk4t6XHQEI9hyZL39szU9yPkk+3C3hGkA5TQ4BwPE8WF9WC5xg9z9dpYA
 UB2Q==
X-Received: by 10.182.251.130 with SMTP id zk2mr33578267obc.57.1448655998229; 
 Fri, 27 Nov 2015 12:26:38 -0800 (PST)
MIME-Version: 1.0
Received: by 10.182.172.10 with HTTP; Fri, 27 Nov 2015 12:25:58 -0800 (PST)
From: =?UTF-8?B?R29yYW4gVGVwxaFpxIc=?= <purpleritza@gmail.com>
Date: Fri, 27 Nov 2015 21:25:58 +0100
Message-ID: <CADLW+u01U3KaOX11cphg0eFv8Hh-PHHcs7kEkV_ONnj=-Tx7yg@mail.gmail.com>
Subject: Issue with running 'pkg update' from jails with
 "net.inet.tcp.blackhole=2" sysctl.
To: freebsd-jail@freebsd.org
Content-Type: text/plain; charset=UTF-8
X-Content-Filtered-By: Mailman/MimeDel 2.1.20
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail/>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Nov 2015 20:26:39 -0000

Hi, I just discovered this little sysctl tweak (*net.inet.tcp.blackhole=2*)
which from what I understood can help hiding host from network scanners or
at least slow them down.

Everything works just fine except when updating jail (*running pkg
update / upgrade*) off the host's Nginx instance serving Poudriere-built
packages and with this sysctl set, update/upgrade command just hangs, not
sure why.

Anyone having same issue?