Date: Fri, 2 Aug 2002 10:33:46 +0300 From: "Toomas Aas" <toomas.aas@raad.tartu.ee> To: Anshuman Kanwar <akanwar@engineering.ucsb.edu>, freebsd-questions@freebsd.org Subject: Re: RST limit and ICMP_BANDLIM Message-ID: <200208020735.g727Z5031324@lv.raad.tartu.ee> In-Reply-To: <Pine.LNX.4.33.0202060714280.12511-100000@linux22.engr.ucsb.edu> References: <3C2F6ADA.95396383@expertcity.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> From: Anshuman Kanwar <akanwar@engineering.ucsb.edu> > To: <freebsd-questions@FreeBSD.ORG> > Subject: RST limit and ICMP_BANDLIM > I understand that RST packets are returned for TCP packets that are > reseived for closed ports. And a log messsge of the form: > > Limiting closed port RST response from 233 to 200 packets per second > > is generated. > > My questions about this are: > > 1) What happens if the packets are dropped without returning a RST. > Will this be against RFC specs. > > 2) Is there a kernel option to enable the above behavior. I could not > find anything in LINT. There is the net.inet.tcp.blackhole sysctl that does what you seem to be looking for. See man blackhole for details. -- Toomas Aas | toomas.aas@raad.tartu.ee | http://www.raad.tartu.ee/~toomas/ * Testicle -- n., a humorous question to an exam. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208020735.g727Z5031324>