Re: pf and return-rst
- To: misc@openbsd.org
- Subject: Re: pf and return-rst
- From: "A farmer using BSD, eh!" <GreenNeck@use.net>
- Date: Tue, 31 Jul 2001 20:56:17 -0700
- References: <Pine.BSO.4.31.0107300659190.23876-100000@tristan.stillaway.net> <20010731103017.A10416@use.net> <20010731174303.30650.qmail@bsw005.bsws.de>
On Tue, Jul 31, 2001 at 07:43:03PM +0200, Henning Brauer wrote:
> On Tue, Jul 31, 2001 at 10:30:17AM -0700, A farmer using BSD, eh! wrote:
> > On Mon, Jul 30, 2001 at 07:03:15AM -0700, Steven Stillaway wrote:
> > > I have a rule:
> > > block return-rst in on hme0 proto tcp from any to any port = 111
> > > which is blocking the port, but when I do a basic nmap of the box it still
> > > shows port 111 as being filtered instead of indicating nothing is running.
> > Did you shut down portmap? If not, of course it is running.
> > filtered means it's being firewalled. Open means it's for everyone.
> > Do you want portmap or not?
> With IPF, ports shielded by return-rst were reported as closed, which makes
> sense. Steven's statement seems more likely to point out resetting the tcp
> connection (return-rst...) didn't work.
>
Ahh. So a farmer can't read well. ;-) Am used to helping newbies only.
Funny the pf in my current box reports no 111 against nmap -sS -Po.
Maybe we have different pf. No comment on ipf behavior.