On 17.04.2018 17:02, Andreas Longwitz wrote: > and in V11 with commit r315514 the same reply after 90 seconds, in the > meantime telnet is waiting on WCHAN "connec": > > Di. 17 Apr. 2018 10:46:28 CEST > Trying 192.168.0.122... > telnet: connect to address 192.168.0.122: Permission denied > telnet: Unable to connect to remote host > Di. 17 Apr. 2018 10:47:43 CEST > > I like to know if this is intended behaviour.
This change was based on
https://svnweb.freebsd.org/base?view=revision&revision=309610
Now I think it can be removed, because:
1. SAs should be configured by application before initiating of TCP
connection;
2. If there are no matching SAs, connection will be dropped after
several tries.
3. Even if connection will be dropped after first failed SYN, there is
special tcps_sig_err_buildsig error counter, that will be incremented
and we can determine the cause.
So, can you try this patch? And maybe someone who uses TCP-MD5 can try
it too (with and without configured SAs)?
--
WBR, Andrey V. Elsukov
Index: tcp_output.c
===================================================================
--- tcp_output.c (revision 332505)
+++ tcp_output.c (working copy)
@@ -1586,8 +1586,6 @@ timer:
SOCKBUF_UNLOCK_ASSERT(&so->so_snd); /* Check gotos. */
switch (error) {
case EACCES:
- tp->t_softerror = error;
- return (0);
case EPERM:
tp->t_softerror = error;
return (error);
signature.asc
Description: OpenPGP digital signature
