portscans and blackhole

[sa9k063]

Hello,

can someone please explain:

one of my boxes gets portscanned often by some likely infected laptops.
While having set

net.inet.tcp.blackhole=1

there are still messages like

+Limiting closed port RST response from 348 to 200 packets/sec

appearing. Are these RSTs actually sent out or does this just pop up
for some other reason ?

This is on 8.4-stable btw.

thanks,

Tee