Date: Fri, 27 Nov 2015 20:49:32 -0500 From: Allan Jude <allanjude@freebsd.org> To: freebsd-jail@freebsd.org Subject: Re: Issue with running 'pkg update' from jails with "net.inet.tcp.blackhole=2" sysctl. Message-ID: <5659082C.7030805@freebsd.org> In-Reply-To: <CADLW%2Bu01U3KaOX11cphg0eFv8Hh-PHHcs7kEkV_ONnj=-Tx7yg@mail.gmail.com> References: <CADLW%2Bu01U3KaOX11cphg0eFv8Hh-PHHcs7kEkV_ONnj=-Tx7yg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --o6UsfTXE6bHRCk3gPgbcO9gD3HsqO8Rq9 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 2015-11-27 15:25, Goran Tep=C5=A1i=C4=87 wrote: > Hi, I just discovered this little sysctl tweak (*net.inet.tcp.blackhole= =3D2*) > which from what I understood can help hiding host from network scanners= or > at least slow them down. >=20 > Everything works just fine except when updating jail (*running pkg > update / upgrade*) off the host's Nginx instance serving Poudriere-buil= t > packages and with this sysctl set, update/upgrade command just hangs, n= ot > sure why. >=20 > Anyone having same issue? > _______________________________________________ > freebsd-jail@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org"= >=20 If it is connecting to a port that is not open, instead of an error, it will have to wait 2+ minutes for the connection to timeout. I am not sure what is happening, but i imagine if you leave it long enough, something will happen. --=20 Allan Jude --o6UsfTXE6bHRCk3gPgbcO9gD3HsqO8Rq9 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQIcBAEBAgAGBQJWWQgvAAoJEBmVNT4SmAt+RaUQANtGDxSTFl+xzcNa+UfUlQSj e0LUsOnKj0750uVYM8dml2OG1o9VQfxgWBCkl0kS/KRdbjeUQjd2wEJ5Iasz7Agq XjoIEbOZzw5RqbPY7mEQOrPBP7qMoaKN62Vku+B+ZCgIzFbP7Goi9QNHqqxrZ4Ah cptxTUrU8pXopdPhGBeNJKyIwd6Da1LlvTHWjEUnpnnoyoi9cFJxd1AcZYA+W75W 3I+AgTG7Q9zJZi+yRXww+IERqgdQ2bV54WVHIK2ndUCpP9WuD8HYVGHiWUYN5cdF 3hab9LKoO6irZykHMG3E8YxOCv9tZ14eQj9BZ2xQeFQzV16JJnLGy/0y+3FJ+UxW qXl4ezzKBDUd0xV1yeeVCP/lVzhN6qZUfnDbXYeKSKkCLTbvXBdwAqO+b+imoS3v C/WGKVNkbZJAorWzjjQ4egCcCdD0DAL4LDar6TA2ubdJBjiR2q1ZS/LeTlt5NCZA 8T+rUcZmcYJkL1gzugEE2nI8B94QNk2gfmKJPWaOt9uhVwmie0HZdc2rVTv2bVIC LhsR6mlbh0TRPFiLj+GLNnJ7bzCmXaeR26UxEC466ng60dZg9cniWr3O1qHsCgVl 8EoFdEqnHMUEmLTZWe/xQ7o9OKouaijH/aUXyTc0wf1pr8Mrzekz2iF84MAxuu8G qGTwuuIT3PzuOmM1Cspe =lXmn -----END PGP SIGNATURE----- --o6UsfTXE6bHRCk3gPgbcO9gD3HsqO8Rq9--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5659082C.7030805>