[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: strange results with pf

To: "Alexei G. Malinin" <mag@ecom-it.ru>
Subject: Re: strange results with pf
From: Daniel Hartmeier <daniel@benzedrine.cx>
Date: Wed, 20 Aug 2003 11:41:45 +0200
Cc: Matthijs Mohlmann <matthijs@active2.homelinux.org>,tech@openbsd.org
Content-Disposition: inline
References: <200308200838.h7K8cGtj002138@mx.ecom-it.ru> <1061370838.352.2.camel@Active2> <200308200930.h7K9Uotj015728@mx.ecom-it.ru>
User-Agent: Mutt/1.4.1i

On Wed, Aug 20, 2003 at 01:26:35PM +0400, Alexei G. Malinin wrote:

> The talk is about all protocols (not only tcp) and protocol scanning by
> nmap.

Make sure you are scanning from a separate host. Running nmap on the
firewall itself (against one of its own addresses or another host) will
cause EHOSTUNREACH errors from the stack when pf blocks outgoing
packets (like, when you allow only flags S/SA to create state and block
by default, but nmap tries to send ACK, SYN+ACK or xmas flags).

Daniel

Follow-Ups:
- Re: strange results with pf
  - From: "Alexei G. Malinin" <mag@ecom-it.ru>

References:
- strange results with pf
  - From: "Alexei G. Malinin" <mag@ecom-it.ru>
- Re: strange results with pf
  - From: Matthijs Mohlmann <matthijs@active2.homelinux.org>
- Re: strange results with pf
  - From: "Alexei G. Malinin" <mag@ecom-it.ru>

Prev by Date: Re: strange results with pf
Next by Date: Re: strange results with pf
Prev by thread: Re: strange results with pf
Next by thread: Re: strange results with pf
Index(es):
- Date
- Thread