Suppressing "Limiting icmp unreach response" log messages

Christopher Cowart ccowart at
Thu Mar 27 10:14:42 PDT 2008

Paul Hoffman wrote:
> How can I eliminate the "Limiting icmp unreach response" messages from 
> getting to /var/log/messages or to the console? I have a spate of them that 
> is causing log rollovers. I think I know the source of the problem, but 
> need to get rid of the messages first.

The icmp unreach responses happen when someone sends a UDP packet to
your computer on a port with no running service (or at least, this is
the most likely explanation). Some options:
  * Set up a firewall to deny the inbound traffic
  * Configure blackhole(4) to do the same

I wouldn't recommend attacking the problem from the point of view of
just making the log messages go away, but if you're comfortable with
that, then the other post recommendinding syslog-ng might work for you
(though I'd recommend configuring a pattern match on the message you
want to discard or re-route).

Chris Cowart
Network Technical Lead
Network & Infrastructure Services, RSSP-IT
UC Berkeley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 825 bytes
Desc: not available
Url :

More information about the freebsd-questions mailing list