Thread: nmap scans
View Single Post
  #2   (View Single Post)  
Old 29th January 2009
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 445
Default

A stab in the dark, but don't you want to keep state on those rules? e.g.

pass out on $ext_if proto { tcp, udp, icmp } all keep state

(This is assuming your version of FBSD & pf don't implicitly keep state already.)

---

P.S. If that's not working, maybe you should post your full pf ruleset and the full nmap scan command you're trying to run.
__________________
Kill your t.v.
Reply With Quote