This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigA80D9044DD1DBAE320BC9311
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Aryeh M. Friedman wrote:
> Limiting closed port RST response from 266 to 200 packets/second.


In the average case, someone is doing a portscan against you. In the
worst case, they're trying to do a DOS attack.

I suggest that you set the following sysctl variables

net.inet.tcp.blackhole=3D2
net.inet.udp.blackhole=3D1

and that you read the man page for blackhole(4).

P.S. this would better fit on freebsd-questions@

--=20
Pietro Cerutti

PGP Public Key:
http://gahr.ch/pgp


--------------enigA80D9044DD1DBAE320BC9311
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (FreeBSD)

iEYEAREKAAYFAkexl28ACgkQwMJqmJVx947xXwCfZqxuON1l5c 09Bv4siARBfsak
bjEAoNtUDhz1Fsi9aqt4LXoXsxu0fETL
=2ODR
-----END PGP SIGNATURE-----

--------------enigA80D9044DD1DBAE320BC9311--