Hello Guys,

I've a firewall script that deals with portscans on its external interface. I'm doing that using the psd module, which works just fine for this situation. The psd module is being called on the INPUT rule.

Although it works absolutely fine when someone tries to portscan the firewall, it seems to show all DNATed ports on the scanner. I'm sure it's doing that because no DNATed packet reached the INPUT rule, where psd is being applied.

The question is: in which chain/rule should I use the psd module to catch portscans on DNATed ports? I was thinking of doing this on NAT OUTPUT... what do you think?

Sincerely,
Leonardo Rodrigues