Limiting closed port RST response

FreeBSD's kernel limits closed port RST responses.
This means that when someone repeatedly hits a port that is closed, the kernel stops responding to all of the requests.

You generally get something like this in the system log:

kernel: Limiting closed port RST response from 379 to 200 packets per second
kernel: Limiting icmp unreach response from 112969 to 200 packets per second

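This log message might be helpful for logging a security scanner, but not in the general case. You can disable it by adding the following lines, which make the kernel silently drop packets sent to closed ports instead of answering them, so no RST or ICMP port-unreachable responses are generated for closed ports: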

/etc/sysctl.conf:
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
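
Before silencing the message, it helps to know how often the limiter fired and how far the incoming rate exceeded the limit. The shell script below is an added example, not part of the original page: it parses the two message formats shown above from constructed sample log lines, and the function names and the burst threshold are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: summarize FreeBSD "Limiting ... response" kernel messages.

# Constructed sample log lines in the format shown above; the hostname,
# timestamps and the sshd line are made up for illustration.
sample_log() {
cat <<'EOF'
Aug 10 02:31:07 host1 kernel: Limiting closed port RST response from 379 to 200 packets per second
Aug 10 02:31:08 host1 kernel: Limiting closed port RST response from 412 to 200 packets per second
Aug 10 02:31:09 host1 kernel: Limiting icmp unreach response from 112969 to 200 packets per second
Aug 10 02:31:10 host1 sshd[812]: Connection closed by 192.0.2.10 port 50022
EOF
}

# summarize_limits: read syslog text on stdin and print one line per
# response type as "<type>|<events>|<peak pps>|<limit pps>", sorted by type.
summarize_limits() {
    awk '
    /kernel: Limiting .* response from [0-9]+ to [0-9]+ packets per second/ {
        msg = $0
        sub(/^.*kernel: Limiting /, "", msg)    # drop timestamp and host
        kind = msg
        sub(/ response from .*$/, "", kind)     # e.g. "closed port RST"
        rest = msg
        sub(/^.* response from /, "", rest)     # e.g. "379 to 200 packets ..."
        split(rest, f, " ")
        seen = f[1] + 0                         # rate the kernel observed
        count[kind]++
        if (seen > peak[kind]) peak[kind] = seen
        lim[kind] = f[3] + 0                    # rate it was limited to
    }
    END {
        for (k in count) printf "%s|%d|%d|%d\n", k, count[k], peak[k], lim[k]
    }' | sort
}

# flag_bursts: print the response types whose peak rate exceeded the limit
# by more than a factor (hypothetical tuning knob, default 10).
flag_bursts() {
    factor=${1:-10}
    summarize_limits | awk -F'|' -v t="$factor" '$3 > $4 * t { print $1 }'
}

# Stand-alone run over the constructed sample.
sample_log | summarize_limits
```

On a real host, feed the system log to `summarize_limits` on stdin instead of `sample_log`.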
limiting_closed_port_rst_response.txt · Last modified: 2020/08/10 02:35 (external edit)