Date: Thu, 1 Aug 2002 15:06:19 -0700 (PDT) From: Anshuman Kanwar <akanwar@engineering.ucsb.edu> To: <freebsd-questions@freebsd.org> Cc: <freebsd-net@freebsd.org> Subject: RST limit and ICMP_BANDLIM Message-ID: <Pine.LNX.4.33.0202060714280.12511-100000@linux22.engr.ucsb.edu> In-Reply-To: <3C2F6ADA.95396383@expertcity.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi all,
I understand that RST packets are returned for TCP packets that are
reseived for closed ports. And a log messsge of the form:
Limiting closed port RST response from 233 to 200 packets per second
is generated.
My questions about this are:
1) What happens if the packets are dropped without returning a RST.
Will this be against RFC specs.
2) Is there a kernel option to enable the above behavior. I could not
find anything in LINT.
3) What is ICMP_BANDLIM ? and is it in any way related to these RSt
responses ? If it is then should it not be called TCP_RST_LIMIT?
I am confused. Are we talking TCP or ICMP?
I searched the archives but they generally do not talk beyond saying that
these messages are generated by NMAP scans. I need more details.
Thanks for any replies,
-ansh
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.33.0202060714280.12511-100000>