finding the port for "kernel: Limiting open port RST response from x to y packets/sec"

nusenu nusenu-lists at
Sat Aug 25 23:24:28 UTC 2018

Hello Michael,

thanks for your reply.

Michael Sierchio:
>> Is there a way to find out which specific TCP port is getting hammered
>> or any other additional debug information related to these log entries?
>> (the server has multiple open and publicly reachable open TCP ports)
> You can identify and log these packets in IPFIREWALL (man ipfw).
> You can also set  sysctl net.inet.tcp.log_debug=1

unfortunately net.inet.tcp.log_debug=1 logs too much (I should only get my
IP and port, but not the other side's).

I assume there are many potential reasons why the kernel would reply
with an RST on an open port, are there pre-existing rulesets that
match the kernel's reasons?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the freebsd-questions mailing list