Limiting closed port RST response

Jez Hancock jez.hancock at
Fri Jun 20 09:35:42 PDT 2003

On Fri, Jun 20, 2003 at 09:55:19AM +0100, Matthew Ryan wrote:
> Could this be a DOS attack?
It could be, but more likely it's someone trying to determine what ports
are open with a tool such as nmap.

> Where do I find a more detailed log?
Configure a firewall such as ipf and make sure you opt to log blocked

> I'm running FreeBSD 4.8 Release - the box is basically just a gateway 
> router running natd and dhcpd.
ipf and ipnat run nicely together to provide a combination of nat and
filtering - although if you already have nat running it's probably best
just to configure a basic ipf firewall that allows just the traffic you
want.  Have a look here for more info on ipf:

My old rulesets for ipf are here:


