???????? 27 ??????? 2006 15:05, Pawel Worach ???????:> > I just noticed, that on my recent "6.1-STABLE #4: Thu Jun
?8" amd64
> > system attempts to connect to a bogus port (like 6666) hang instead of
> > failing with "Connection refused" immediately, as they on
other systems.
>
> Using sysctl net.inet.tcp.blackhole=1 ?
Yes, that's what it was...
Got me thinking, though... Should the blackhole setting apply to localhost
(and local IP addresses) at all? It is a security measure -- would be nicer
to reduce its impact on legitimate activity...
-mi
