pf block port scanning

Barbaros Bilek Thu, 07 Oct 2021 06:59:03 -0700

Hello misc,

I try to block port scanning attempts with OpenBSD 6.9/amd64 + PF.
At the top of my pf.conf i've added these lines but it didn't work.


block in quick proto tcp all flags SF/SFRA label bps1
block in quick proto tcp all flags FPU/SFRAUP label bps3
block in quick proto tcp all flags /SFRA label bps4
block in quick proto tcp all flags F/SFRA label bps5
block in quick proto tcp all flags U/SFRAU label bps6

Interface1 : 192.168.91.1/24
Interface2 : 192.168.88.1/24

Client (192.168.91.121) scans ports of server (192.168.88.63)
Both devices' gateway is OpenBSD.
Here nmap command that the client uses:
nmap --send-eth 192.168.88.63

So at this point, OpenBSD doesn't block port scan. What should I do?
Thanks in advance for your help.

--
Best Regards,
Barbaros Bilek

pf block port scanning

Reply via email to