On Thu, Sep 15, 2005 at 01:43:56PM -0500, Boris Karloff wrote: > Hello: > > How do I cause freeBSD 5.4 to not respond to an nmap > inquiry? I have already tried creating a line in rc.firewall > that says: > > ${fwcmd} deny all from any to any > ${fwcmd} drop all from any to any > > I know these are active, since 1) I see them on the screen > at startup, and 2) pinging from any computer to any computer > results in a timeout. > > (both of these should drop all TCP packets; but apparently, > they cause a RESET message to be sent.)
Umm, try putting the drop before the deny. AFAIK, drop just drops the packet totally, and deny sends a RST back to the host. That is if ipfw works that way (ICBW). You don't need both these lines anyway, only one of them. -John _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"