Closed means the range 6000:6009 isn't filtered when I want only 22 to be open.
nmap just pointed that out On Sun, Apr 26, 2015 at 4:40 AM, Philip Guenther <pguent...@proofpoint.com> wrote: > On Sat, 25 Apr 2015, Danilo Falcão wrote: > > There's a typo in the original pf.conf (OpenBSD 5.6) > > > > - Original /etc/pf.conf > > > > *# By default, do not permit remote connections to X11* > > *block return in on ! lo0 proto tcp to port 6000:6010* > > > > - Result (nmap) > > > > rembrandt:~ root# nmap -P0 jumbo.falcao.org > > > > Starting Nmap 6.47 ( > https://urldefense.proofpoint.com/v2/url?u=http-3A__nmap.org&d=BQIBaQ&c=Vxt5e0Osvvt2gflwSlsJ5DmPGcPvTRKLJyp031rXjhg&r=UiBcMWGRBqfiBnuYGz_BdxeNkPmhNSwQ-rm1SvEkgxQ&m=IrU_JuBx6x14pzbhUnGvSKewVdPd8tmQ19IXPnawzOs&s=cCLwZOay3p8UrDWTOCPNUa7hlF_zEFUkYeG8RsZur74&e= > ) at 2015-04-26 04:24 CEST > > Nmap scan report for jumbo.falcao.org (184.107.114.200) > > Host is up (0.14s latency). > > Not shown: 990 filtered ports > > PORT STATE SERVICE > > 22/tcp open ssh > > 6000/tcp closed X11 > > 6001/tcp closed X11:1 > > 6002/tcp closed X11:2 > > 6003/tcp closed X11:3 > > 6004/tcp closed X11:4 > > 6005/tcp closed X11:5 > > 6006/tcp closed X11:6 > > 6007/tcp closed X11:7 > > 6009/tcp closed X11:9 > > > > Nmap done: 1 IP address (1 host up) scanned in 11.52 seconds > > rembrandt:~ root# > > > > If I remove the "!", then all is fine. Hope it helps > > > > Please explain what you think the output of nmap *means*, particularly the > word "closed". >