From owner-freebsd-questions@FreeBSD.ORG  Fri Nov 18 02:35:50 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4DB8516A41F
	for <freebsd-questions@freebsd.org>;
	Fri, 18 Nov 2005 02:35:50 +0000 (GMT)
	(envelope-from wmoran@potentialtech.com)
Received: from internet.potentialtech.com (internet.potentialtech.com
	[66.167.251.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0034B43D4C
	for <freebsd-questions@freebsd.org>;
	Fri, 18 Nov 2005 02:35:49 +0000 (GMT)
	(envelope-from wmoran@potentialtech.com)
Received: by internet.potentialtech.com (Postfix, from userid 80)
	id F2F1069A4E; Thu, 17 Nov 2005 21:35:48 -0500 (EST)
Received: from 162.51.212.16 (SquirrelMail authenticated user wmoran)
	by www.potentialtech.com with HTTP;
	Thu, 17 Nov 2005 21:35:48 -0500 (EST)
Message-ID: <43885.162.51.212.16.1132281348.squirrel@www.potentialtech.com>
In-Reply-To: <003001c5ebe2$aa0e3040$8a0010ac@antonioh89t9q9>
References: <003001c5ebe2$aa0e3040$8a0010ac@antonioh89t9q9>
Date: Thu, 17 Nov 2005 21:35:48 -0500 (EST)
From: "Bill Moran" <wmoran@potentialtech.com>
To: "Antonio Gandara" <antonio@triforce.info>
User-Agent: SquirrelMail/1.4.5
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Cc: freebsd-questions@freebsd.org
Subject: Re: RST response in message log?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Nov 2005 02:35:50 -0000

Antonio Gandara wrote:
> Hi,
>
> Just had a general question as to this message which appeared in the
> message
> log file and dmesg. While I understand it is reducing response to packets,
> I
> am perplexed as to what causes this to happen? I am running 4.11 Release.
>
> Nov 16 11:07:18 eagle /kernel: Limiting closed port RST response from 300
> to
> 200 packets per second

While there are other things that could cause this, it's almost always
indicative of a portscan.

The RSTs are limited to prevent DoS attacks from generating overly huge
amounts of traffic.

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com