Date: Tue, 23 Sep 2003 10:16:58 +0200 From: "Toan Hoang" <ignorabimus2002@hotmail.com> To: freebsd-stable@freebsd.org Subject: Re: IPFilter and Nmap Message-ID: <Sea1-F107JDUdq96Aqr00001a93@hotmail.com>
next in thread | raw e-mail | index | archive | help
>From: Mark Woodson <mwoodson@sricrm.com> >It's IPFILTER_DEFAULT_BLOCK. > >less /usr/src/sys/i386/conf/LINT | grep IPFILTER > >That will list out the kernel options with IPFILTER in the line. Yes, seems ok there... >Unless the box will not connect with anything, you'll want to at the >very least add > >pass out all on dc0 keep state added that line, and changed to fxp0 and added pass in quick on fxp0 proto udp from x.x.x.x/32 to any prot = 38 keep state > >You didn't mention rc.conf > >ipfilter_enable="YES" >ipmon_enable="YES" yes, got that enabled and also got: ipmon_flags="-Dsvn" ipnat_enable=YES" But does anybody know why I got reported that som many ports is open when I scan my FreeBSD with Nmap????? Toan _________________________________________________________________ Last ned nye MSN Messenger 6.0 gratis http://www.msn.no/computing/messenger - Den korteste veien mellom deg og dine venner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Sea1-F107JDUdq96Aqr00001a93>