------------------------------------------------------------------- This is an unstable amd64 chroot image at a tinderbox (==build bot) name: 17.0_20170706-204158 ------------------------------------------------------------------- gcc-config -l: [1] x86_64-pc-linux-gnu-6.3.0 * Available Python interpreters, in order of preference: [1] python3.4 [2] python2.7 (fallback) Available Ruby profiles: [1] ruby21 (with Rubygems) [2] ruby22 (with Rubygems) *
Created attachment 481696 [details] emerge-info.txt
Created attachment 481698 [details] dev-ml:lwt-3.0.0:20170707-071458.log
Created attachment 481700 [details] emerge-history.txt
Created attachment 481702 [details] environment
Created attachment 481704 [details] etc.portage.tbz2
Created attachment 481706 [details] logs.tbz2
Created attachment 481708 [details] temp.tbz2
Created attachment 481710 [details] tests.tbz2
this one is due to network restrictions... do we have RESTRICT="network-test" or something ? Tests pass here and are quite useful in normal setup so I don't want to disable them entirely...
(In reply to Alexis Ballier from comment #9) > this one is due to network restrictions... > > do we have RESTRICT="network-test" or something ? > Tests pass here and are quite useful in normal setup so I don't want to > disable them entirely... See discussion on gentoo-dev. Short answer: it doesn't exist yet, but you're not the only one who wants it. https://archives.gentoo.org/gentoo-dev/message/eee195c19309f45e81aef6f665239345
(In reply to Mike Gilbert from comment #10) > (In reply to Alexis Ballier from comment #9) > > this one is due to network restrictions... > > > > do we have RESTRICT="network-test" or something ? > > Tests pass here and are quite useful in normal setup so I don't want to > > disable them entirely... > > See discussion on gentoo-dev. Short answer: it doesn't exist yet, but you're > not the only one who wants it. > > https://archives.gentoo.org/gentoo-dev/message/ > eee195c19309f45e81aef6f665239345 it's unrelated it doesnt need internet but being able to issue icmp join for multicast this works perfectly fine if you don't firewall
So this isn't enough ? : startFirewall() { $IPT -P INPUT DROP $IPT -P OUTPUT ACCEPT $IPT -P FORWARD DROP # trust already established connections # $IPT -A INPUT --match conntrack --ctstate ESTABLISHED -j ACCEPT $IPT -A INPUT --match conntrack --ctstate RELATED -j ACCEPT $IPT -A INPUT --match conntrack --ctstate INVALID -j DROP # Allow localhost traffic # $IPT -A INPUT --in-interface lo -j ACCEPT
seems not: test_mcast: unexpected failure: "Unix.Unix_error(Unix.ENODEV, \"setsockopt\", \"\")" test_mcast: unexpected failure: "Unix.Unix_error(Unix.ENETUNREACH, \"send\", \"\")" test_mcast: unexpected failure: "Unix.Unix_error(Unix.ENODEV, \"setsockopt\", \"\")" test_mcast: unexpected failure: "Unix.Unix_error(Unix.ENETUNREACH, \"send\", \"\")"
