From owner-freebsd-questions@FreeBSD.ORG Mon Mar 14 16:53:17 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1D77A16A4CE for ; Mon, 14 Mar 2005 16:53:17 +0000 (GMT) Received: from mci-mail.nodes.net.ad-flow.com (mci-mail.nodes.net.ad-flow.com [66.48.68.70]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6ED6143D2F for ; Mon, 14 Mar 2005 16:53:14 +0000 (GMT) (envelope-from freebsd@danielquinn.org) Received: from douglas ([66.59.162.147]) (authenticated)j2EGptK23402 for ; Mon, 14 Mar 2005 16:51:55 GMT Exocomm-Delivery-Date: Mon, 14 Mar 2005 16:51:55 GMT Exocomm-URL: www.exocomm.com From: daniel quinn To: questions@freebsd.org Date: Mon, 14 Mar 2005 11:52:54 -0500 User-Agent: KMail/1.7.2 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200503141152.55407.freebsd@danielquinn.org> Subject: ipfw and nmap X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Mar 2005 16:53:17 -0000 i've been experimenting with ipfw since moving some of my machines from linux to freebsd and i've run across an oddity wrt nmap and freebsd firewalls. it doesn't seem to work and the activity isn't logged either. the firewall is working though. ssh goes through, while other ports are being blocked (and logged). i've confirmed this with telnet. but nmap still comes up empty. i'd like to be able to do a proper portscan, but is this a feature with ipfw or a lack of feature in nmap? for the purposes of this test, i've used a variation on the firewall supplied in the freebsd handbook: www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html -- ...he who in dealing with the empire loves his subjects as one should love one's body is the best person to whom one can commit the empire. - lau tzu, "tao te ching: chapter xiii"