Limiting closed port RST
Manolis Kiagias
sonic2000gr at gmail.com
Thu Sep 25 15:45:39 UTC 2008
Vlad GURDIGA wrote:
> Hello,
>
> I've started an Apache bechmark with ab today and a lot of such
> messages from kernel appeared in /var/log/messages:
>
> Sep 25 16:16:34 dev01 kernel: Limiting closed port RST response from
> 270 to 200 packets/sec
> Sep 25 16:19:10 dev01 kernel: Limiting closed port RST response from
> 475 to 200 packets/sec
> Sep 25 16:19:15 dev01 kernel: Limiting closed port RST response from
> 220 to 200 packets/sec
> Sep 25 16:19:19 dev01 kernel: Limiting closed port RST response from
> 243 to 200 packets/sec
>
> What do they mean?
>
>
This normally means someone is repeatedly attempting to connect to a
closed port, i.e. you are getting port-scanned!
Normally the kernel limits this response so the connection is not
overwhelmed by the replies
Maybe your benchmark attempts to also connect to a port other than 80?
(i.e. 443 and you are not running https)
More information about the freebsd-questions
mailing list