Bug 132190 - EPERM explanation for send(2), sendto(2), and sendmsg(2) system calls is incomplete
Summary: EPERM explanation for send(2), sendto(2), and sendmsg(2) system calls is inco...
Status: Open
Alias: None
Product: Documentation
Classification: Unclassified
Component: Manual Pages (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-02-28 09:50 UTC by Karl Lehenbauer
Modified: 2018-04-11 21:03 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Karl Lehenbauer 2009-02-28 09:50:01 UTC
In the send, sendto and sendmsg system calls, the description for an EPERM result is:

The process using a SOCK_RAW socket was jailed and thesource address specified in the IP header did not  match the IP address bound to the prison.

While this is probably true (I haven't checked), a far more common reason for getting EPERM is that the firewall denied the packet.  If you attempt to use send, sendto or sendmsg and the firewall denies the packet, you'll get EPERM.

You can test this by firewalling some IP address and then trying to ping it from the same machine.  You'll get "sendto: permission denied" out of ping.

I propose the wording be changed to something like:

The packet was rejected for sending due to firewall rules on the local machine, or the process using a SOCK_RAW socket was jailed and the source address specified in the IP header did not  match the IP address bound to the prison.
Comment 1 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 08:01:26 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped