[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: strange results with pf

To: Matthijs Mohlmann <matthijs@active2.homelinux.org>,tech@openbsd.org
Subject: Re: strange results with pf
From: "Alexei G. Malinin" <mag@ecom-it.ru>
Date: Wed, 20 Aug 2003 13:26:35 +0400
Organization: ECom-IT Limited, Moscow
References: <200308200838.h7K8cGtj002138@mx.ecom-it.ru> <1061370838.352.2.camel@Active2>
User-Agent: Mozilla (compatible, MSIE 5.5, Windows NT 4.0)

Matthijs Mohlmann wrote:

>If i'm right:
>
>block return-rst in inet proto tcp all
>
this rule is in my pf.conf (see the previous letter)

>
>You don't close the tcp connection at all and then nmap says it's a open
>port.
>
The talk is about all protocols (not only tcp) and protocol scanning by
nmap.
If I have single rule such this "pass all" in pf.conf - my host sends
icmp "proto-unr" but
with the given configuration does not!!!

>
>I'm not sure but i think that rule it is.
>


-- 
Alexei Malinin,
Chief Specialist of
Network Technologies Department,
ECom-IT Limited,  Moscow
Basic Element Inc.,  Russia

Follow-Ups:
- Re: strange results with pf
  - From: Daniel Hartmeier <daniel@benzedrine.cx>
- Re: strange results with pf
  - From: Matthijs Mohlmann <matthijs@active2.homelinux.org>

References:
- strange results with pf
  - From: "Alexei G. Malinin" <mag@ecom-it.ru>
- Re: strange results with pf
  - From: Matthijs Mohlmann <matthijs@active2.homelinux.org>

Prev by Date: Re: strange results with pf
Next by Date: Re: strange results with pf
Prev by thread: Re: strange results with pf
Next by thread: Re: strange results with pf
Index(es):
- Date
- Thread