Thanks. I was hoping someone, likely the pfSense guys if it didn't already exist, had developed a command/tool that would allow one to ask pf's filtering mechanisms whether "this could talk to that" via the current config/rules. It seems that this would be not only invaluable for (at least preliminary) testing, but would also be good for admins to check whether they seem to have gotten things configured correctly.
Bryan D. http://www.derman.com/ On 2013-Mar-20, at 2:51 AM, mayak-cq <ma...@australsat.com> wrote: > On Tue, 2013-03-19 at 23:19 -0700, Bryan D. wrote: > >> I've searched both the list archives and forums, though I wasn't sure what >> phrase would yield results, and have not found an answer to the question: >> --- >> Is there a way to ask pfSense something like "would a <UDP|TCP> packet >> arriving on <interface> <port> from <IP address> be passed to <IP address> >> on <interface> <port>?" >> >> In short, is there a way to quickly test the rule/NAT behavior (i.e., >> without actually having created the subject WAN setup)? > > hi bryan, > > i use nmap setting source and destination ports -- i run nmap on boxes > infront of and behind pfsense. > > i am not aware a `tool` that does this. > > cheers > > m > _______________________________________________ > List mailing list > List@lists.pfsense.org > http://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
