Index: share/man/man4/blackhole.4 =================================================================== --- share/man/man4/blackhole.4 +++ share/man/man4/blackhole.4 @@ -12,24 +12,25 @@ .\" .\" .\" $FreeBSD$ -.Dd January 1, 2007 +.Dd August 29, 2015 .Dt BLACKHOLE 4 .Os .Sh NAME .Nm blackhole .Nd a .Xr sysctl 8 -MIB for manipulating behaviour in respect of refused TCP or UDP connection +MIB for manipulating behaviour in respect of refused TCP, UDP, or SCTP connection attempts .Sh SYNOPSIS -.Cd sysctl net.inet.tcp.blackhole[=[0 | 1 | 2]] -.Cd sysctl net.inet.udp.blackhole[=[0 | 1]] +.Cd sysctl net.inet.sctp.blackhole Ns [=[ 0 | 1 ]] +.Cd sysctl net.inet.tcp.blackhole Ns [=[ 0 | 1 | 2 ]] +.Cd sysctl net.inet.udp.blackhole Ns [=[ 0 | 1 ]] .Sh DESCRIPTION The .Nm .Xr sysctl 8 MIB is used to control system behaviour when connection requests -are received on TCP or UDP ports where there is no socket listening. +are received on TCP, UDP, or SCTP ports where there is no socket listening. .Pp Normal behaviour, when a TCP SYN segment is received on a port where there is no socket accepting connections, is for the system to return @@ -52,12 +53,17 @@ .Xr traceroute 8 to a system. .Pp +For SCTP, enabling blackhole behaviour turns off the sending of ABORT packets +as follows: A MIB value of one will prevent sending an ABORT packet +in response to an incoming INIT. A MIB value of two will do the same, but also +prevent sending an ABORT packet when receiving packets out of the blue. +.Pp The blackhole behaviour is useful to slow down anyone who is port scanning a system, attempting to detect vulnerable services on a system. It could potentially also slow down someone who is attempting a denial of service attack. .Sh WARNING -The TCP and UDP blackhole features should not be regarded as a replacement +The SCTP, TCP, and UDP blackhole features should not be regarded as a replacement for firewall solutions. Better security would consist of the .Nm 
@@ -68,6 +74,7 @@ It should be used together with other security mechanisms. .Sh SEE ALSO .Xr ip 4 , +.Xr sctp 4 , .Xr tcp 4 , .Xr udp 4 , .Xr ipf 8 , @@ -80,5 +87,10 @@ MIBs first appeared in .Fx 4.0 . +.Pp +The SCTP +.Nm +MIB first appeared in +.Fx 9.1 . .Sh AUTHORS .An Geoffrey M. Rehmet Index: sys/netinet/sctp_sysctl.h =================================================================== --- sys/netinet/sctp_sysctl.h +++ sys/netinet/sctp_sysctl.h @@ -545,7 +545,7 @@ #define SCTPCTL_RTTVAR_DCCCECN_MAX 1 #define SCTPCTL_RTTVAR_DCCCECN_DEFAULT 1 /* 0 means disable feature */ -#define SCTPCTL_BLACKHOLE_DESC "Enable SCTP blackholing" +#define SCTPCTL_BLACKHOLE_DESC "Enable SCTP blackholing. See blackhole(4) man page for more details." #define SCTPCTL_BLACKHOLE_MIN 0 #define SCTPCTL_BLACKHOLE_MAX 2 #define SCTPCTL_BLACKHOLE_DEFAULT SCTPCTL_BLACKHOLE_MIN
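Review bot: in the first blackhole.4 hunk, the SYNOPSIS line `.Cd sysctl net.inet.sctp.blackhole Ns [=[ 0 | 1 ]]` lists only the values 0 and 1, yet the DESCRIPTION paragraph added later in this same patch documents a value of two (also suppressing ABORTs for out-of-the-blue packets), and the sys/netinet/sctp_sysctl.h hunk sets SCTPCTL_BLACKHOLE_MAX to 2. Change it to `.Cd sysctl net.inet.sctp.blackhole Ns [=[ 0 | 1 | 2 ]]` so the synopsis matches the TCP line and the range the kernel actually accepts.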
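Review bot: the new SCTP paragraph in the second blackhole.4 hunk never says what a value of zero does, whereas the surrounding TCP and UDP text first describes the normal (non-blackholed) response; add a sentence stating that zero, the default per SCTPCTL_BLACKHOLE_DEFAULT being SCTPCTL_BLACKHOLE_MIN in the header hunk, keeps the normal ABORT responses. Minor style point in the same paragraph: "as follows: A MIB value" should either use a lowercase "a" after the colon or be split into two sentences.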
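Review bot: in the sctp_sysctl.h hunk, SCTPCTL_BLACKHOLE_DESC still opens with "Enable SCTP blackholing" although the knob is three-valued (SCTPCTL_BLACKHOLE_MIN 0 to SCTPCTL_BLACKHOLE_MAX 2), so the `sysctl -d` output reads like a boolean; consider "Control SCTP blackholing (0: off, 1: ignore INIT, 2: also ignore out-of-the-blue packets). See blackhole(4)." using the value meanings from the man page hunk above. "man page" after the section-number form blackhole(4) is redundant and can be dropped.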