On 2004.10.27 11:26:00 +0000, Florian Hengstberger wrote: > Hi! > > I'm compiled a Kernel using the GENERIC config-file that > comes with the default 5.2.1 installation adding support > for ipfw. > I tried to scan my computer with a linux machine running nmap, > but nmap tells me that the host seems to be down altough I was able > to ping the freebsd-host. > So I flushed all rools for the firewall with ipfw flush (the still > existing default rule enables all trafic because I compiled this in > my kernel, ipfw -c list told me that this is true.) > Anyway, nothing changes, all ports seem to be closed running nmap, > pings are successfull again! > > 1) What's wrong with my configuration?
Don't know yet, but what does ipfw show says? Maybe it enabled the /etc/rc.firewall? > 2) I've tried to add all kernel options to this mail using the online > handbook from www.freeebsd.org. I realized that the firewall section > covers now the OpenBSD filter pf. WhatÅs the state of the art? > How do I enable pf under 5.2.1 - package or port? To enable PF put in your firewall: options IPFILTER #ipfilter support These can be put optionally: options IPFILTER_LOG #ipfilter logging options IPFILTER_DEFAULT_BLOCK #block all packets by default I don't think you want the last one yet, so first comment it out. > 3) Is there something similar like nmap or is there a BSD-network scanner, > which usage is recommended? Dunno, i use nmap on my boxes as well. Works great. > > Thanks in advance, > Florian > Your welcome. Mark. > ------------------------------------------------------ > Florian Hengstberger > [EMAIL PROTECTED] > http://stud3.tuwien.ac.at/~e0025265 > ------------------------------------------------------ > > > > > _______________________________________________ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"