Closed port RST: Any way to find out what port(s)?
Larry Rosenman
ler at lerctr.org
Mon May 16 18:44:41 UTC 2016
On 2016-05-16 12:36, Gary Palmer wrote:
> On Mon, May 16, 2016 at 12:31:02PM -0500, Larry Rosenman wrote:
>> I'm seeing tons of:
>> Limiting closed port RST response from 201 to 200 packets/sec
>> in my log. Is there any way to see what port(s) are being pounded?
>
> sysctl net.inet.tcp.log_in_vain=1
>
> I expect you would get a ton of spam from that, so my suggestion would
> be tcpdump. e.g.
>
> tcpdump -i <interface> -n 'tcp[tcpflags] & (tcp-rst) != 0'
>
> Regards,
>
> Gary
Thanks, Gary. Turns out it's a "known issue" with multimedia/plex*, and
occasionally it will
stop answering on 33400.
the sysctl helped there.
--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 E-Mail: ler at lerctr.org
US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281
More information about the freebsd-net
mailing list