Date: Mon, 05 Dec 2016 08:31:19 +0800 From: Ernie Luzar <luzar722@gmail.com> To: marcel <marcel.plouf@gmail.com> Cc: jail@freebsd.org Subject: Re: Closing ports in jail with ipfw Message-ID: <5844B557.7050304@gmail.com> In-Reply-To: <20161117233607.3430afd4@marcel-laptop.lan> References: <20161117233607.3430afd4@marcel-laptop.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
marcel wrote: > Hi there, > > I've created a jail and when I do a nmap on his IP, I can see that port > 25 and 22 are open but I don't want. So i've tried to create an IPFW > rule by adding 'ipwf -q add 00290 deny all from router to jail' to my > host ipfw conf file and applied it but ports jail are still open. How > can I close or open the ports of my jail ? > > Thanks ! You can not run nmap on the host targeting the jails ip. Doing so only shows you open ports on the host. You have to run nmap from a computer on a different public ip address targeting the public ip address assigned to the jail. If jail is using a non-routeable ip address, nmap is useless in looking for jail open ports.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5844B557.7050304>