finding the port for "kernel: Limiting open port RST response from x to y packets/sec"
nusenu
nusenu-lists at riseup.net
Sat Aug 25 23:24:28 UTC 2018
Hello Michael,
thanks for your reply.
Michael Sierchio:
>> Is there a way to find out which specific TCP port is getting hammered
>> or any other additional debug information related to these log entries?
>> (the server has multiple open and publicly reachable open TCP ports)
>>
>
> You can identify and log these packets in IPFIREWALL (man ipfw).
>
> You can also set sysctl net.inet.tcp.log_debug=1
unfortunately net.inet.tcp.log_debug=1 logs too much (I should only get my
IP and port, but not the other side's).
I assume there are many potential reasons why the kernel would reply
with an RST on an open port, are there pre-existing rulesets that
match the kernel's reasons?
--
https://twitter.com/nusenu_
https://mastodon.social/@nusenu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20180825/5ad69162/attachment.sig>
More information about the freebsd-questions
mailing list