On Sunday 26 February 2006 14:26, Perttu Laine wrote: > Hello! > > I have problem with imap. Works fine if blackhole (tcp) is set to 0, but I > set it 1 or 2 imap stops responding (timeouts). Dovecot imap and freebsd > 5.4. So. What could be case here?
I suspect that it's trying to do something to localhost and doesn't get a reply back. Many programs behave like that, in my case kmail. It was trying to use rpc, other programs try to use ident. So, first find out what it's trying to do, use netstat -nafinet and you'll see some some TCP sockets in SYN_SENT state, for example: nik:0:~$ telnet 127.1 & [1] 75027 nik:1:~$ Trying 127.0.0.1... netstat -nafinet Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp4 0 0 127.0.0.1.56239 127.0.0.1.23 SYN_SENT [...] telnet will time out eventually. The kernel never sends a TCP reset there 'cause tcp.blackhole=1 step 2, use your favorite firewall to return an active reply(TCP reset), in my case: root:0:~# pfctl -srules No ALTQ support in kernel ALTQ related functions disabled block return in inet proto tcp from 127.0.0.1 to 127.0.0.1 port = sunrpc block return in inet proto udp from 127.0.0.1 to 127.0.0.1 port = sunrpc block drop in log inet proto tcp from any to any port 6000:6010 flags S/SA root:0:~# perhaps in a more complex situation(UDP) you should use a packet filter to log everything that goes through the loopback interface. Are you using TCP AND UDP blackhole? HTH, Nikos > > -- > kpn @ IRCnet > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
