Date: Tue, 27 Jun 2006 16:10:04 -0400 From: Mikhail Teterin <mi+mx@aldan.algebra.com> To: Pawel Worach <pawel.worach@gmail.com> Cc: freebsd-security@freebsd.org, net@freebsd.org Subject: Re: fetch http://localhost:6666 hangs Message-ID: <200606271610.04604.mi%2Bmx@aldan.algebra.com> In-Reply-To: <44A1816B.3030808@gmail.com> References: <200606271455.32276.mi%2Bmx@aldan.algebra.com> <44A1816B.3030808@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
в╕второк 27 червень 2006 15:05, Pawel Worach написав: > > I just noticed, that on my recent "6.1-STABLE #4: Thu Jun 8" amd64 > > system attempts to connect to a bogus port (like 6666) hang instead of > > failing with "Connection refused" immediately, as they on other systems. > > Using sysctl net.inet.tcp.blackhole=1 ? Yes, that's what it was... Got me thinking, though... Should the blackhole setting apply to localhost (and local IP addresses) at all? It is a security measure -- would be nicer to reduce its impact on legitimate activity... -mi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200606271610.04604.mi%2Bmx>