Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] SuSEfirewall2 - external nmap
1/24/02 2:54:57 PM, Andreas Fiesser <fiesser@xxxxxxx> wrote:

>Karsten Schell wrote:
>> Since I am running mysqld on my server the port 3306 is open though its not
>> inlcuded in EXTERNAL_TCP services
>Did you run nmap on the external side of your packetfilter ?

I have a firewall running on a linux PC behind a CM which is connected to the eth0 interface and
a home lan on eth1 currently serving a couple of windows boxes.
I run squid as a proxy server on the linux box (not ideal as it's on the firewall but I only have the
one linux box). Squid might seem over the top for this setup but it dramatically speeds up browsing,
particularly on the ad-heavy US sites and it was pretty easy to set up.

I've set ACLs in squid to only allow access on the masqueraded 192.168.x.x network.
How can I run nmap on the external side of my packet filter, as I think currently when I run nmap it
shows the 3128 port open because it's being run from *behind* the firewall (I can't run nmap at


Tim Harrell

< Previous Next >