Date: Mon, 16 May 2016 13:44:39 -0500 From: Larry Rosenman <ler@lerctr.org> To: Gary Palmer <gpalmer@freebsd.org> Cc: Freebsd net <freebsd-net@freebsd.org> Subject: Re: Closed port RST: Any way to find out what port(s)? Message-ID: <18e9fde27f20c53a1d21b7a2160595b9@thebighonker.lerctr.org> In-Reply-To: <20160516173649.GA15236@in-addr.com> References: <472a21d960dd951dfd4a70e5dc94b7e5@thebighonker.lerctr.org> <20160516173649.GA15236@in-addr.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2016-05-16 12:36, Gary Palmer wrote: > On Mon, May 16, 2016 at 12:31:02PM -0500, Larry Rosenman wrote: >> I'm seeing tons of: >> Limiting closed port RST response from 201 to 200 packets/sec >> in my log. Is there any way to see what port(s) are being pounded? > > sysctl net.inet.tcp.log_in_vain=1 > > I expect you would get a ton of spam from that, so my suggestion would > be tcpdump. e.g. > > tcpdump -i <interface> -n 'tcp[tcpflags] & (tcp-rst) != 0' > > Regards, > > Gary Thanks, Gary. Turns out it's a "known issue" with multimedia/plex*, and occasionally it will stop answering on 33400. the sysctl helped there. -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 E-Mail: ler@lerctr.org US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?18e9fde27f20c53a1d21b7a2160595b9>