Bug 239416 - connect.2 manpage: EACCES error code can be returned when firewall doesn't allow connection to be made
Summary: connect.2 manpage: EACCES error code can be returned when firewall doesn't al...
Status: Open
Alias: None
Product: Documentation
Classification: Unclassified
Component: Manual Pages (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-bugs (Nobody)
URL: https://bugs.freebsd.org/bugzilla/sho...
Keywords: patch
Depends on:
Reported: 2019-07-24 03:34 UTC by Yuri Victorovich
Modified: 2019-08-05 20:59 UTC (History)
2 users (show)

See Also:

patch (836 bytes, patch)
2019-07-24 03:34 UTC, Yuri Victorovich
no flags Details | Diff
patch (492 bytes, patch)
2019-07-29 22:22 UTC, Yuri Victorovich
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Yuri Victorovich freebsd_committer 2019-07-24 03:34:00 UTC
Created attachment 206024 [details]
Comment 1 Yuri Victorovich freebsd_committer 2019-07-24 03:34:55 UTC
Add link to bug that has an explanation.
Comment 2 Jilles Tjoelker freebsd_committer 2019-07-29 21:01:15 UTC
I agree with documenting this, but I think it would make more sense to show this as a separate [EACCES] condition (like the two [EACCES] conditions in the UNIX domain part below).
Comment 3 Yuri Victorovich freebsd_committer 2019-07-29 22:22:10 UTC
Created attachment 206147 [details]

I agree.
Comment 4 Jilles Tjoelker freebsd_committer 2019-08-05 20:51:26 UTC
This is useful but I think it is still a bit too vague. The [EACCES] error occurs only when the connection is denied by a "sufficiently local" firewall (ipfw(4)/ipf(4)/pf(4) or custom pfil(9) user). A firewall behind a network can cause various other errors but not [EACCES]. I wonder what the best way to formulate this is.

Sorry for not mentioning this earlier.
Comment 5 Yuri Victorovich freebsd_committer 2019-08-05 20:59:10 UTC
(In reply to Jilles Tjoelker from comment #4)

How about:
> Local firewall rules don't allow connection to be made, for example ipfw(4)/ipf(4)/pf(4) or a custom pfil(9) user.