Testing multiple ports

Redirecting a range of ports

Useful if you need to test a range of ports but don't have a server that listens on all of them. This rule forwards the whole range to the web server on port 80. Run:
[code language="bash"]firewall-cmd --zone=public --add-forward-port=port=6000-6500:proto=tcp:toport=80[/code]

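Reload the firewall when you have finished testing to remove the rule. The rule was added without --permanent, so it exists only in the runtime configuration and a reload discards it.
[code language="bash"]firewall-cmd --reload[/code]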

Test if port range is open

Replace TARGET_HOST (a placeholder) with the address of the host being tested:
[code language="bash"]nmap -d2 -p 6000-6500 TARGET_HOST > 6000-6500.txt[/code]


OpenVPN and webConfigurator on port 443

Small gotcha if you are running webConfigurator on port 443 on the LAN side and an OpenVPN server on port 443 on the WAN side. If the box reboots and the WAN interface does not come up (cable is unplugged), OpenVPN binds to port 443 before webConfigurator, and since OpenVPN can't bind to WAN (because it is down) it will bind to all interfaces.
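
A check for the condition described above, as an added example that is not part of the original notes: it parses `sockstat -4 -l` output (FreeBSD, which pfSense is based on) and reports when a named daemon is listening on the wildcard address for a given port. The function name, the sample rows and the addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): detect a daemon that is
# listening on every interface instead of one address.
# Input on stdin: output of FreeBSD `sockstat -4 -l`, whose data rows are
#   USER COMMAND PID FD PROTO LOCAL-ADDRESS FOREIGN-ADDRESS
# and where a wildcard bind is shown as "*:<port>".
# Live use: sockstat -4 -l | wildcard_listeners openvpn 443

# wildcard_listeners COMMAND PORT -> prints "COMMAND PROTO LOCAL" per match
wildcard_listeners() {
    awk -v cmd="$1" -v port="$2" '
        $1 == "USER" && $2 == "COMMAND" { next }   # header row
        NF < 7 { next }                            # malformed or short row
        {
            n = split($6, parts, ":")              # port is the last ":" field
            lport = parts[n]
            laddr = substr($6, 1, length($6) - length(lport) - 1)
            if ($2 == cmd && lport == port && laddr == "*")
                print $2, $5, $6
        }'
}

# Constructed sample: WAN was down at boot, OpenVPN fell back to all interfaces.
sample_wan_down() {
cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     openvpn    41822 6  tcp4   *:443                 *:*
root     sshd       12044 4  tcp4   *:22                  *:*
EOF
}

# Constructed sample: expected state, OpenVPN bound to the WAN address only
# (203.0.113.10 is a documentation address used as a placeholder).
sample_wan_up() {
cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     openvpn    41822 6  tcp4   203.0.113.10:443      *:*
root     sshd       12044 4  tcp4   *:22                  *:*
EOF
}

echo "WAN down at boot: $(sample_wan_down | wildcard_listeners openvpn 443)"
echo "WAN up at boot:   $(sample_wan_up | wildcard_listeners openvpn 443)"
```

An empty result means the daemon is bound to a specific address; any printed row is a wildcard bind worth investigating after a reboot.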


DNS Resolve Domain Overrides

Tried to make a domain from one pfSense accessible to another pfSense using domain overrides in the DNS resolver (unbound). Apparently unbound is misconfigured by default, so it does not find the route to the other pfSense box.