Date: Mon, 28 May 2001 09:28:51 -0400
From: Bill Moran <wmoran@iowna.com>
To: Alex M <alex@myzona.net>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: ipfw and nmap
Message-ID: <3B125293.10522873@iowna.com>
References: <001701c0e736$25f5f460$ea31fea9@parkson>

Get more specific with your ruleset, or add a rule that specifically
allows anything going out such as:

00900 allow ip from ${myip} to any

Is that your entire ruleset? If it is, I'm confused as to what could
be blocking your nmap scans. I would think everything would work
except the ports you have listed.

-Bill

Alex M wrote:
>
> Hi all,
>
> I've recently been playing with ipfw and added the following rules:
>
> voyager# ipfw list
> 01000 deny tcp from any to any 111,587,3306
> 01100 deny udp from any to any 111,587,3306
> 01200 allow tcp from any to any established
> 65000 allow ip from any to any
> 65535 deny ip from any to any
>
> After that I discovered several problems with nmap, for example:
>
> voyager# nmap -sT localhost
> Strange error from connect (13):Permission denied
> ...scan will continue.
>
> voyager# nmap -sS localhost
> sendto in send_tcp_raw: sendto(3, packet, 40, 0, 127.0.0.1, 16) =>
> Permission denied
> Sleeping 15 seconds then retrying
> ...scan will stop.
>
> Can these errors be avoided somehow? Any help will be appreciated,
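
As an added example (not part of either e-mail and not FreeBSD code), the following Python models ipfw's first-match evaluation for the ruleset quoted above, with and without the suggested rule 00900. It models only protocol, source address, destination port and the "established" state; 192.0.2.10 is a constructed stand-in for ${myip}, and probes to localhost are assumed to carry source address 127.0.0.1.

```python
# Added example: simplified first-match model of the ipfw ruleset in this thread.
# Only protocol, source address, destination port and the TCP "established"
# state are modelled; real ipfw matches on more fields.
from dataclasses import dataclass

@dataclass
class Packet:
    proto: str                   # "tcp" or "udp"
    src: str
    dport: int
    established: bool = False    # TCP segment with ACK or RST set

@dataclass
class Rule:
    num: int
    action: str                  # "allow" or "deny"
    proto: str                   # "tcp", "udp" or "ip" (any protocol)
    src: str = "any"
    dports: tuple = ()           # empty tuple = any port
    established: bool = False

    def matches(self, p):
        return (self.proto in ("ip", p.proto)
                and self.src in ("any", p.src)
                and (not self.dports or p.dport in self.dports)
                and (not self.established or (p.proto == "tcp" and p.established)))

PORTS = (111, 587, 3306)
RULESET = [                      # as printed by "ipfw list" in the thread
    Rule(1000, "deny", "tcp", dports=PORTS),
    Rule(1100, "deny", "udp", dports=PORTS),
    Rule(1200, "allow", "tcp", established=True),
    Rule(65000, "allow", "ip"),
    Rule(65535, "deny", "ip"),
]

def evaluate(rules, pkt):
    """Return (rule number, action) of the first matching rule."""
    for r in sorted(rules, key=lambda r: r.num):
        if r.matches(pkt):
            return r.num, r.action
    raise ValueError("no rule matched")

MYIP = "192.0.2.10"              # constructed stand-in for ${myip}
WITH_900 = RULESET + [Rule(900, "allow", "ip", src=MYIP)]

if __name__ == "__main__":
    for label, rules in (("original", RULESET), ("with 00900", WITH_900)):
        for src in ("127.0.0.1", MYIP):
            for dport in (22, 111):
                print(label, src, dport, evaluate(rules, Packet("tcp", src, dport)))
```

In this model a probe to port 111 is stopped by rule 01000 before any allow rule is reached, and rule 00900 only changes the outcome for packets whose source address equals the value substituted for ${myip}.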