daniel quinn wrote:
i've been experimenting with ipfw since moving some of my machines from linux
to freebsd and i've run across an oddity wrt nmap and freebsd firewalls. it
doesn't seem to work and the activity isn't logged either.
the firewall is working though. ssh goes through, while other
You could try using nmap with the -sA (ACK) scanning...this is good
for mapping firewall rulesets to see what is being let in. You could
also use -f (fragment) with -sS to send fragmented packets...this will
show open ports unless most of the time too. But -sA is better since
the firewall things it
i've been experimenting with ipfw since moving some of my machines from linux
to freebsd and i've run across an oddity wrt nmap and freebsd firewalls. it
doesn't seem to work and the activity isn't logged either.
the firewall is working though. ssh goes through, while other ports are being
bl
On Wed, Feb 23, 2005 at 11:49:39AM -0500, sn1tch wrote:
> I am fairly new to IPFW, I have question regarding the stateful part
> of it. Now I may just be misunderstanding this so set me straight if I
> am. From what I understand when you add a check-state rule and then
> following that a rule to ke
I am fairly new to IPFW, I have question regarding the stateful part
of it. Now I may just be misunderstanding this so set me straight if I
am. From what I understand when you add a check-state rule and then
following that a rule to keep-state, if a packet destined for that
port is new and "setup"